Y
Hacker News
new
|
ask
|
show
|
jobs
by
redox99
126 days ago
Wow, this is an extremely serious vulnerability. People writing it off because it requires MitM. There's always a MitM, the internet is basically a MitM.
1 comments
webstrand
126 days ago
MitM isn't even necessary, a rogue DHCP server configuring a malicious DNS could attack this.
link
burnt-resistor
125 days ago
That's still a MITM, albeit a LAN-local one. Non-LAN WAN isn't the total scope of MITMs.
link
fulafel
125 days ago
If my computer asks your computer what dns server to use, and you respond with the address of a nefarious one, it's not necessarily a mitm.
link
webstrand
124 days ago
The MitM happens when the client sends packets to the fake IP, I think the argument goes.
link
kortilla
125 days ago
That is a form of MiTM. It’s just changing DNS to IP bindings rather than IP to MAC or prefix to ISP.
link