Ghost Domain Names: Revoked Yet Still Resolvable
نویسندگان
چکیده
Attackers often use domain names for various malicious purposes such as phishing, botnet command and control, and malware propagation. An obvious strategy for preventing these activities is deleting the malicious domain from the upper level DNS servers. In this paper, we show that this is insufficient. We demonstrate a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. Our experiments with 19,045 open DNS servers show that even one week after a domain name has been revoked and its TTL expired, more than 70% of the servers will still resolve it. Finally, we discuss several strategies to prevent this attack.
منابع مشابه
Rfc 3915 Epp
This document describes an Extensible Provisioning Protocol (EPP) extension mapping for the management of Domain Name System (DNS) domain names subject to "grace period" policies defined by the Internet Corporation for Assigned Names and Numbers (ICANN). Grace period policies exist to allow protocol actions to be reversed or otherwise revoked during a short period of time after the protocol act...
متن کاملThe influence of Gribov copies on the gluon and ghost propagator
The dependence of the gluon and ghost propagator in pure SU(3) gauge theory on the choice of Gribov copies in Landau gauge is studied. Simulations were performed on several lattice sizes at β = 5.8, 6.0 and 6.2. In the infrared region the ghost propagator turns out to depend on the choice, while the impact on the gluon propagator is not resolvable. Also the eigenvalue distribution of the Faddee...
متن کاملDomain Registry Grace Period Mapping for the Extensible Provisioning Protocol (EPP)
This document describes an Extensible Provisioning Protocol (EPP) extension mapping for the management of Domain Name System (DNS) domain names subject to "grace period" policies defined by the Internet Corporation for Assigned Names and Numbers (ICANN). Grace period policies exist to allow protocol actions to be reversed or otherwise revoked during a short period of time after the protocol act...
متن کاملThe Ghosts of Banking Past: Empirical Analysis of Closed Bank Websites
We study what happens to the domains used by US banks for their customer-facing websites when the bank is shut down or merges with another institution. The Federal Deposit Insurance Corporation (FDIC) publishes detailed statistical data about the many thousands of US banks, including their website URLs. We extracted details of the 3 181 banks that have closed their doors since 2003 and determin...
متن کاملTop-Level Arabic Domain Names
Internet domain names (i.e., web site addresses) are still written using English characters regardless of the worldwide spread of the Internet. Currently, domain names do not support other languages for one to locate resources on the Internet. Users in non-English speaking countries, such as the Arabs, are disadvantaged. Multilingual domain names have been the goal and activities of many not-fo...
متن کامل