Comments
funny season of to begin :D
When submitting a comment you may not see it until it is approved by the moderator!
Metasploit.com Attempted Hijack
Posted by: Tom
This past Monday, some silly hacker got the idea that he could easily redirect traffic from Metasploit.com to some Chinese forum using some ARP poisoning directed at the router that the metasploit.com domain resides. Basically he did a MITM attack. Here is an excerpt from HD Moore's reply on the Full Disclosure mailing list:
"Problem solved. Someone is ARP poisoning the IP address of the router on which the www.metasploit.com server resides.
I hardcoded an ARP entry for the real router and that seems to solve the MITM issue. It doesn't help the other 250 servers
on that network, but thats an issue for the ISP to resolve..."
Sucks to be those other 250 servers! This hacker should have brought his a-game if he really wanted take on HD Moore...FAIL!
"Problem solved. Someone is ARP poisoning the IP address of the router on which the www.metasploit.com server resides.
I hardcoded an ARP entry for the real router and that seems to solve the MITM issue. It doesn't help the other 250 servers
on that network, but thats an issue for the ISP to resolve..."
Sucks to be those other 250 servers! This hacker should have brought his a-game if he really wanted take on HD Moore...FAIL!
funny season of to begin :D