Networking / Beginners

Domain Renewals

Domain name registrars do not assign domains indefinitely. Instead, domains have expiration dates. Expiration allows abandoned domains to be released. Usually domains are registered for one, two, or five years. If a domain owner does not pay attention to the expiration date, then they may forget to renew their domain. When a name expires, anyone can register the same name. This allows an attacker to intentionally grab a domain and impersonate a known company.

Other Social Attacks

There are many other types of social attacks against domain names. Wildcard DNS services permit any unknown hostname to resolve to a single address. For example, if supports wildcard matching, then anything.hostiledomain. net will resolve to an address. This includes names such as, where the user may not notice that the hostname is not Bank of America.

Search engine ranking can also be used for domain hijacking. If the owner of designs his Web site carefully, then it may be listed first by search engines. A user searching for "Bank of America" may see the result for hostiledomain. net listed first and assume that it is the correct site.

Social attacks against DNS are limited only by the degree of imagination. As long as hostnames are independent of network addressing, social attacks will be effective against DNS.

[Previous] [Contents] [Next]