login | register | shoutbox

 What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » General » Forum & Website » Mistruth in FAQ

Mistruth in FAQ
Author: Message:
segosa
Community's Choice
*****


Posts: 1407
Reputation: 92
Joined: Feb 2003
RE: RE: Mistruth in FAQ
quote:
Originally posted by Burningmace
That is not my point. While Messenger Plus! does not open ports for listening, it does connect via the network to other computers on the internet (the update service for one) and these connections are made in the following manner:

1) Resolve the IP address for msgpluslive-update.net
2) Make a connection to this IP address
3) See if there is an update, if there is then download it.

Step 1 is exploitable using DNS spoofing. Step 2 is exploitable (in some cases) using ARP spoofing. Step 3 is exploitable (fake update response sending malware instead of patch) once either step 1 or 2 have been exploited.

GREAT.

No, seriously, that's wonderful. Now let's make sure that we don't use our computers to make any sorts of requests, HTTP or otherwise, because there might be someone performing a man-in-the-middle attack.
The previous sentence is false. The following sentence is true.
09-23-2008 11:41 PM
Profile PM Find Quote Report
« Next Oldest Return to Top Next Newest »

Messages In This Thread
Mistruth in FAQ - by Burningmace on 09-23-2008 at 07:46 PM
RE: Mistruth in FAQ - by matty on 09-23-2008 at 08:09 PM
RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 08:15 PM
RE: Mistruth in FAQ - by matty on 09-23-2008 at 08:32 PM
RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 09:00 PM
RE: Mistruth in FAQ - by ShawnZ on 09-23-2008 at 09:35 PM
RE: RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 09:51 PM
RE: Mistruth in FAQ - by riahc4 on 09-23-2008 at 10:02 PM
RE: RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 10:11 PM
RE: Mistruth in FAQ - by Voldemort on 09-23-2008 at 10:05 PM
RE: Mistruth in FAQ - by ShawnZ on 09-23-2008 at 10:22 PM
RE: RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 10:27 PM
RE: Mistruth in FAQ - by foaly on 09-23-2008 at 10:44 PM
RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 11:01 PM
RE: RE: Mistruth in FAQ - by segosa on 09-23-2008 at 11:41 PM
RE: Mistruth in FAQ - by Link_of_Hyrule on 09-23-2008 at 11:09 PM
RE: Mistruth in FAQ - by ShawnZ on 09-23-2008 at 11:24 PM
RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 11:31 PM
RE: Mistruth in FAQ - by Burningmace on 09-23-2008 at 11:58 PM
RE: RE: Mistruth in FAQ - by segosa on 09-24-2008 at 12:21 AM
RE: Mistruth in FAQ - by ShawnZ on 09-24-2008 at 12:10 AM
RE: Mistruth in FAQ - by Burningmace on 09-24-2008 at 12:20 AM
RE: Mistruth in FAQ - by WDZ on 09-24-2008 at 12:35 AM
RE: Mistruth in FAQ - by Burningmace on 09-24-2008 at 12:37 AM
RE: RE: Mistruth in FAQ - by segosa on 09-24-2008 at 01:10 AM
RE: Mistruth in FAQ - by Lou on 09-24-2008 at 01:10 AM
RE: RE: Mistruth in FAQ - by Burningmace on 09-24-2008 at 10:09 AM
RE: Mistruth in FAQ - by Menthix on 09-24-2008 at 11:25 AM
RE: Mistruth in FAQ - by Spunky on 09-24-2008 at 01:38 PM


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts 		HTML is Off
myCode is On
Smilies are On
[img] Code is On