|
Risky Thinking – On Risk Management, Disaster Recovery, and Business Continuity | |
| Home / Risk Glossary / Pharming | 11 May, 2008 | |
|
Pharming (Definition)Pharming is the deliberate corruption of DNS (domain name service) caches so that when a user types the name of a particular website into their browser (or other program), the user is misdirected to a forged website — typically with the intention of capturing personal user information. SSL (Secure Socket Layer) certificates offer some protection against pharming, since the https protocol can authenticate the identity of a website. However, a naïve user may not spot that a website should be secure when it isn't, or that this is a symptom of a pharming attack. It should be remembered that protocols other than HTTP (e.g. POP3, IMAP, FTP) are vulnerable to pharming. Pharming can also be used to conduct man-in-the-middle attacks against vulnerable protocols. See Also: Phishing. How far away should a hot site or mirror site be?
A question that is often asked when designing a disaster recovery plan is how far away a hot site or mirror site should be. Is there a simple answer? (More...)
The Risky Thinking Newsletter contains news, opinions and articles on Business Continuity, Disaster
Recovery, and Risk Management. It's free for people working in the area. Click
here to subscribe.
You're welcome to use these defintions for any purpose provided that an acknowledgement is made to www.riskythinking.com and (if you're using HTML) you provide a link back to this site. © Albion Research Ltd. 2008 |