Digitally singing .exe files before publishing and not executing unsigned binaries on the client end would be one option.
Alex > > I don't see any way to protect against this aside from suggestions to > use DNSSEC or SSL (or only use otherwise secured or switched networks.) > In practice the attack might be complicated by the client. It's > entirely possible the victim's resolver will get the 2nd response and > cache that -- who knows. > > > But wow, I'm amazed this doesn't happen more. It seems like this > would be the most obvious way to spread a virus. Indeed, I could > imagine creating a proxy that auto-infects every executable file that > comes through it (just add a silent rootkit installer that runs before > the real installer). _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
