North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Age old DNS hack reappears
See RFC 1535. I had EDU.COM, and following that there was to be a prohibition on registry of such domains. Network Solutions has [of course] ignored this and handed out tld.tld type domains. Ehud >Had this reported to us, which I thought people might be interested in. >This had happened in .uk several years ago, which prompted a rule to >forbid sub-domains of .uk which are the same as a TLD. >> It appears that someone has registered "uk.co.za" as a domain and is using >> this to fake well-known domain names such as bbc.co.uk. What they have >> done is created DNS entries for "bbc.co.uk.co.za" and >> "news.bbc.co.uk.co.za" so that when someone types e.g. "news.bbc.co.uk" in >> their browser the DNS lookup first finds the "local" site >> "news.bbc.co.uk.co.za" and returns that in preference to the desired site >> "news.bbc.co.uk". In this instance the fake DNS entry contains a redirect >> to the site "http://www.guitarpunk.com/home/mosrite.htm" which is an >> advert for electric guitars. >> >> As a user of the DNS I strongly object to the hijacking of the namespace >> in this manner and request that the co.za domain administrators >> immediately suspend the domain uk.co.za and that you prohibit any future >> registrations of domains xx.co.za where xx is a valid top-level domain. >HTH, >Simon >-- >Simon Lockhart | Tel: +44 (0)1737 839676 >Internet Engineering Manager | Fax: +44 (0)1737 839516 >BBC Internet Services | Email: [email protected] >Kingswood Warren,Tadworth,Surrey,UK | URL: http://support.bbc.co.uk/
|