Age old DNS hack reappears
Had this reported to us, which I thought people might be interested in. This had happened in .uk several years ago, which prompted a rule to forbid sub-domains of .uk which are the same as a TLD.
It appears that someone has registered "uk.co.za" as a domain and is using this to fake well-known domain names such as bbc.co.uk. What they have done is created DNS entries for "bbc.co.uk.co.za" and "news.bbc.co.uk.co.za" so that when someone types e.g. "news.bbc.co.uk" in their browser the DNS lookup first finds the "local" site "news.bbc.co.uk.co.za" and returns that in preference to the desired site "news.bbc.co.uk". In this instance the fake DNS entry contains a redirect to the site "http://www.guitarpunk.com/home/mosrite.htm" which is an advert for electric guitars.
As a user of the DNS I strongly object to the hijacking of the namespace in this manner and request that the co.za domain administrators immediately suspend the domain uk.co.za and that you prohibit any future registrations of domains xx.co.za where xx is a valid top-level domain.
HTH, Simon -- Simon Lockhart | Tel: +44 (0)1737 839676 Internet Engineering Manager | Fax: +44 (0)1737 839516 BBC Internet Services | Email: Simon.Lockhart@bbc.co.uk Kingswood Warren,Tadworth,Surrey,UK | URL: http://support.bbc.co.uk/
See RFC 1535. I had EDU.COM, and following that there was to be a prohibition on registry of such domains. Network Solutions has [of course] ignored this and handed out tld.tld type domains. Ehud
Had this reported to us, which I thought people might be interested in. This had happened in .uk several years ago, which prompted a rule to forbid sub-domains of .uk which are the same as a TLD.
It appears that someone has registered "uk.co.za" as a domain and is using this to fake well-known domain names such as bbc.co.uk. What they have done is created DNS entries for "bbc.co.uk.co.za" and "news.bbc.co.uk.co.za" so that when someone types e.g. "news.bbc.co.uk" in their browser the DNS lookup first finds the "local" site "news.bbc.co.uk.co.za" and returns that in preference to the desired site "news.bbc.co.uk". In this instance the fake DNS entry contains a redirect to the site "http://www.guitarpunk.com/home/mosrite.htm" which is an advert for electric guitars.
As a user of the DNS I strongly object to the hijacking of the namespace in this manner and request that the co.za domain administrators immediately suspend the domain uk.co.za and that you prohibit any future registrations of domains xx.co.za where xx is a valid top-level domain.
HTH,
Simon -- Simon Lockhart | Tel: +44 (0)1737 839676 Internet Engineering Manager | Fax: +44 (0)1737 839516 BBC Internet Services | Email: Simon.Lockhart@bbc.co.uk Kingswood Warren,Tadworth,Surrey,UK | URL: http://support.bbc.co.uk/
participants (2)
-
Ehud Gavron
-
Simon Lockhart