On Dec 20, 2011, at 11:37 AM, Eduardo A. Suárez wrote: > Hi, > > what if evil guys hack my mom ISP DNS servers and use RPZ to redirect traffic > from mom_bank.com to evil.com? > > How can she detect this?
Thankfully mom_bank.com is not valid, as underscores aren't valid in dns names :) Additionally, SSL certificates combined with DNSSEC/DANE can provide some protection. Some of this technology may not be available today, but is worth tracking if you are interested in this topic. - Jared