Modify

Opened 13 months ago

Last modified 13 months ago

#20 new FalseNegative

exemple.com

Reported by: admin Owned by:
Priority: major Milestone: Release Candidate Beta
Component: RPZ Version: 0.1
Severity: savir Keywords: typosquatting
Cc:

Description

exemple.com

exemple.com is a typically TypoSquatting and is therefore listed within our DNS servers as cname for !example.org it's not sure if this CNAME is working as it depends on the setup of IANA's webserver. Alternatively we will setup our own http redirect.

A litle digging on this domain show that the goes back to "Wild West Domain"... the name says it all.... don't you think?

The domain is regitret via godaddy, who is the best in class when it comes to internet security or privacy

pdnsutil add-record rpz.mypdns.cloud '*.exemple.com' CNAME 345600 example.org
New rrset:
*.exemple.com.rpz.mypdns.cloud. IN CNAME 345600 example.org
pdnsutil add-record rpz.mypdns.cloud 'exemple.com' CNAME 345600 example.org
New rrset:
exemple.com.rpz.mypdns.cloud. IN CNAME 345600 example.org

Attachments (0)

Change History (3)

comment:1 by admin, 13 months ago

hmm was thinking about blocking the entire DNS servers holding the *.exemple.com however that's not quit possible as the servers *.domaincontrol.com are in the dirty hands of godaddy.com who then again is the very same TypoSquatting bandits of secureserver.net.

Conclusion is it's impossible to block the *.domaincontrol.com DNS server as it would interfere on to many innocent humans who don't know better.

comment:2 by admin, 13 months ago

examples.com is NOT necessary one of the same, but more input is needed

comment:3 by admin, 13 months ago

Unfortunately the CNAME records isn't enough... leaving us to do evil things... DNS spoofing or the less evil return the NXDOMAIN in the dns....

Comments allowed and very welcome

Modify Ticket

Action
as new The ticket will remain with no owner.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.