This is a quick tip I noticed while installing a new Linux DHCP server.
In DNS hijacking, the resolution of a URL comes from a "poisoned" or hijacked server, which directs users to an IP address that the criminals use to serve up malicious websites. My idea is basically to hijack the criminals' IP space. In the DHCP server, simply set up a "host" with your server's MAC and set the "fixed-address" field to your fully qualified domain name (FQDN).
Now, this won't actually work for now, but if you could convince the routing table (BGP) to announce the criminals' address as being in your autonomous system (AS), then you would have a pretty decent defense mechanism. Unfortunately, I have not studied the Border Gateway Protocol (BGP) in any significant way. We'll see if I can get around to that sometime.