DNS spam defined

If you ever did a whois on say google.commiscrosoft.com or yahoo.com you have been most likely been exposed to some obscenity and there is nothing the owners of the named domains can do about it.

This is to say that they or their providers or the dns servers have not been in any way hacked or exploited , responsible for this is a feature (turned into a flaw in the light of this) in whois clients that returns everything within the namespace of the queried domain name.

It did not take long for malicious or plain disgruntled individuals to turn dns spammers by creating a google.com.my.spam.rant.whatever.text.example.com subdomain on their own example.com to spam google whois for example.

As the whois query searches for any entries containing google.com in this case, the subdomain on example.com would be returned too , it is expected behaviour of the program.

Inexplicably unexpected was the exploitation of this , however funny MICROSOFT.COM.SMELLS.SIMPLECODES.COM might look to you , there could have been ways to prevent this being displayed in the whois for microsoft.com

Advertisements

One thought on “DNS spam defined

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s