Talk:DNS Poisoning

From SQRLauth.net
Revision as of 22:51, 17 June 2016 by Ramriot (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Hi Shanedk,

Nice work adding this to the list, I see this page has been added and linked to the https://sqrlauth.net/Attack-Analysis page. I would normally include it as an amplification of the spoofing attack but I see there are other possibilities.

In light of SQRL V1 requiring a secure connection it would be nice to reference how HTTPS affects this attack vector. Also there are some other possibilities that would be useful to mention in the realm of DNS poisoning/takeover attacks, that of local router, ISP level and registrar attacks which do not rely on local malware.