why make a virus if can attack a dns server
the only thing that is missing is that they are yet not using spoofed sites so visitors see now the difference. If you would spoof google on another server with another ip address and you can hide the iframes you would work with (new phishing technique), than who would see ?
And you wouldn't need to do a thing.
protect yourself against those attacks (from internetstormcenter)
By default, the DNS server does NOT protect you against DNS cache poisoning. If you run a resolving nameserver on Windows NT 4 or Windows 2000, you are HIGHLY ADVISED to set the follow the instructions here to protect yourself from these attacks: http://support.microsoft.com/default.aspx?scid=kb;en-us;2...
advertising megapowerpills.com. Interesting, the real IP address for www.megapowerpills.com is different and seems to only host an "under construction" image. The malicious DNS servers have the IP addresses of 184.108.40.206 and 220.127.116.11. There are numerous domain names and nameservers that point to these IP addresses. Here are some of the domain names pointing to the malicious DNS servers:
--------------------- end alert internet storm center
Rumors are around that even some big ----- firms haven't secured their dns servers and even allow zone-transfers without authentification.......
read more about dns security
http://www.apricot.net/apricot97/apII/Presentations/DNSan... (1997 but basic)
http://compsec101.antibozo.net/papers/dnssec/dnssec.html (1999 but interesting)
http://www.microsoft.com/resources/documentation/WindowsS... (very good windows 2003 document with basic information also)
http://www.whitehats.ca/main/members/Jeff/jeff_dns_securi... (with a schema to make it easier to understand)
http://www.zytrax.com/books/dns/ch7/security.html the security of DNS Bind 9 (the OS) If you would know how many are still running DNS bind 8 or non patched 9 versions ......
and more about BIND security
expect this to become normal attack-business, so you don't have no choice. Patch it, upgrade it, secure it, service it and look after it.