[16783] in North American Network Operators' Group
Re: Possible login/password grabbing ploy
daemon@ATHENA.MIT.EDU (Mark Borchers)
Tue May 12 13:38:05 1998
From: "Mark Borchers" <markb@infi.net>
To: nanog@merit.edu
Date: Tue, 12 May 1998 13:27:54 +0000
Reply-to: markb@infi.net
In-reply-to: <Pine.BSI.3.96.980511201138.17475A-100000@gn2.getnet.com>
On 11 May 98 at 20:16, Ryan Jeffs wrote:
> There has been at least one other company that I know of in the past
> couple of years that has done this, although the name slips my mind. Their
> purpose was to hit poorly spelling surfers with ad's when they typed
> "ayhoo.com" or "entcom.com" etc... accidently in their browser. Legitimate
> use of the domains, no matter how stupid :)
An illegitmate use of these types of domain is easily proven in cases
such as one I dealt with a year or so ago. In a domain that was one
character off from one that my company owned, DNS revealed that there
was a record for every server hostname that was on my network (and
they weren't all commonly-used hostnames, either). If anyone can
think of some ethical and non-malicious reason to do this, I would be
interested in hearing it.
Mark Borchers
InfiNet