Similar Hostnames
When using a keyboard, typographical errors are common. It is not uncommon for a user to enter a wrong hostname. Attackers can use this knowledge to hijack connections. For example, if a user wants to connect to Bank of America (bankofamerica.com), they may accidentally enter bonkofamerica.com. If an attacker owns the similar hostname, then they can impersonate the actual site and attack the user's connection. In December 2003, over 30 variations of bankofamerica.com were registered over a 4-day period. Each variation represents a common typographical error. Some of these domains, such as bankofajerica.com, were used for fraud and shut down. (bankofajerica.com was re-registered 1 year later.)
Automatic Name Completion
Many Web browsers support automatic name completion. Rather than typing in the TLD (e.g., .com), users can just enter the middle of the hostname. Automatic name completion appends a series of TLD suffixes until the hostname is found. Usually .com is tried first. If a Web site does not end with a .com, then an attacker can effectively hijack the domain by registering the .com name.
One of the most widely known examples of name completion hijacking is whitehouse.com. In 1997, Dan Parisi registered the domain and set up a pornographic Web site [Pelline1997]. The President of the United States uses the hostname whitehouse.gov. Users who entered whitehouse in their Web browsers had auto-completion take them to a porn site rather than the President's Web site. Although this Web site is no longer hosting pornography [Rosen2004], it clearly demonstrated the power of hijacking through automatic name completion.
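To see which typo variants (the Similar Hostnames section) and name-completion variants (this section) of a domain are already in someone else's hands, a domain owner can enumerate them and look each one up. The following is an added example, not code from the tutorial; the registry lookup is simulated with a constructed set, where a real monitor would query WHOIS or DNS for each candidate.

```python
"""Enumerate typosquat and name-completion candidates for a hostname.
Assumption: REGISTERED stands in for a WHOIS/DNS lookup (constructed data)."""
import string

# Constructed stand-in for "already registered" names (assumption).
REGISTERED = {"bankofamerica.com", "bonkofamerica.com", "bankofajerica.com",
              "whitehouse.com"}

# Keys physically next to each key on a QWERTY layout ("fat-finger" errors).
QWERTY_NEIGHBOURS = {
    "a": "qwsz", "b": "vghn", "c": "xdfv", "d": "serfcx", "e": "wsdr",
    "f": "drtgvc", "g": "ftyhbv", "h": "gyujnb", "i": "ujko", "j": "huikmn",
    "k": "jiolm", "l": "kop", "m": "njk", "n": "bhjm", "o": "iklp",
    "p": "ol", "q": "wa", "r": "edft", "s": "awedxz", "t": "rfgy",
    "u": "yhji", "v": "cfgb", "w": "qase", "x": "zsdc", "y": "tghu", "z": "asx",
}

def typo_variants(hostname):
    """Map each one-keystroke variant of the label to the error that produces it."""
    label, tld = hostname.lower().rsplit(".", 1)
    variants = {}
    for i, ch in enumerate(label):
        variants[label[:i] + label[i + 1:]] = "omission"          # bankfamerica
        variants[label[:i] + ch + label[i:]] = "duplication"      # bankkofamerica
        if i + 1 < len(label):                                    # bnakofamerica
            variants[label[:i] + label[i + 1] + ch + label[i + 2:]] = "transposition"
        for sub in string.ascii_lowercase:                        # bonkofamerica
            if sub != ch:
                kind = "adjacent-key" if sub in QWERTY_NEIGHBOURS.get(ch, "") else "substitution"
                variants[label[:i] + sub + label[i + 1:]] = kind
    variants.pop(label, None)              # the genuine name itself is not a variant
    return {v + "." + tld: kind for v, kind in variants.items()}

def completion_variants(hostname, suffixes=(".com", ".net", ".org")):
    """Hostnames a browser's automatic name completion may reach from the bare label."""
    label = hostname.lower().split(".")[0]
    return [label + s for s in suffixes if label + s != hostname.lower()]

def squatted(hostname, registered=REGISTERED):
    """Candidates someone has already registered; the owner should check by whom."""
    candidates = dict(typo_variants(hostname))
    candidates.update({h: "name-completion" for h in completion_variants(hostname)})
    return {h: kind for h, kind in candidates.items() if h in registered}

if __name__ == "__main__":
    for host in ("bankofamerica.com", "whitehouse.gov"):
        print(host, "->", squatted(host))
```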
Social Engineering
Social engineering is a term used to describe sociological persuasion. Rather than using computers and scripts to compromise a system, a social engineer uses guise and conman techniques. They may use e-mail or telephone calls to convey authority and acquire the information they desire.
Domain names are registered through a limited number of name registrars. If the registrar can be convinced that a user is an authoritative owner of a domain, the domain's information can be modified or transferred.
In this tutorial:
- Domain Name System (DNS)
- DNS Common Uses
- Hostname-to-Address Mapping
- Common Lookup Tools
- Naming Confusion Attack Vectors
- Dotted Names
- Name Formatting
- Exploited Anonymity
- Mail Servers
- Sender Policy Framework Overloading
- Domain Keys Overloading
- DNS Protocol
- Packet Information
- Simple DNS Server
- Distributed Architecture
- Top Level Domain Servers
- Generic Top Level Domain (gTLD)
- Secondary Level Domain (SLD)
- Primary and Secondary Servers
- Caching Servers
- DNS Management
- DNS Direct Risks
- DNS Performance versus Security
- DNS Cache Poisoning
- Corrupt DNS Packets
- DNS Domain Hijacking
- DNS Server Hijacking
- Dynamic DNS
- Similar Hostnames
- Domain Renewals
- Hostnames
- Zone Transfers
- Host Listing
- DNS Fields
- Mitigation Option
- Technical Threat Mitigation
- Social Threat Mitigation
- Defining Trusted Replies