[28161] in North American Network Operators' Group
Re: Age old DNS hack reappears
daemon@ATHENA.MIT.EDU (Ehud Gavron)
Tue Apr 18 12:50:50 2000
Date: Tue, 18 Apr 2000 09:47:11 -0700 (MST)
From: Ehud Gavron <GAVRON@ACES.COM>
In-reply-to: "Your message dated Tue, 18 Apr 2000 17:40:49 +0100"
<22900.956076049@sunf25>
To: Simon Lockhart <simonl@rd.bbc.co.uk>
Cc: nanog@merit.edu, GAVRON@ACES.COM
Message-id: <01JODKWE2LXY92INI5@ACES.COM>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
See RFC 1535.
I had EDU.COM, and following that there was to be a prohibition
on registry of such domains.
Network Solutions has [of course] ignored this and handed out
tld.tld type domains.
Ehud
>Had this reported to us, which I thought people might be interested in.
>This had happened in .uk several years ago, which prompted a rule to
>forbid sub-domains of .uk which are the same as a TLD.
>> It appears that someone has registered "uk.co.za" as a domain and is using
>> this to fake well-known domain names such as bbc.co.uk. What they have
>> done is created DNS entries for "bbc.co.uk.co.za" and
>> "news.bbc.co.uk.co.za" so that when someone types e.g. "news.bbc.co.uk" in
>> their browser the DNS lookup first finds the "local" site
>> "news.bbc.co.uk.co.za" and returns that in preference to the desired site
>> "news.bbc.co.uk". In this instance the fake DNS entry contains a redirect
>> to the site "http://www.guitarpunk.com/home/mosrite.htm" which is an
>> advert for electric guitars.
>>
>> As a user of the DNS I strongly object to the hijacking of the namespace
>> in this manner and request that the co.za domain administrators
>> immediately suspend the domain uk.co.za and that you prohibit any future
>> registrations of domains xx.co.za where xx is a valid top-level domain.
>HTH,
>Simon
>--
>Simon Lockhart | Tel: +44 (0)1737 839676
>Internet Engineering Manager | Fax: +44 (0)1737 839516
>BBC Internet Services | Email: Simon.Lockhart@bbc.co.uk
>Kingswood Warren,Tadworth,Surrey,UK | URL: http://support.bbc.co.uk/
