• Home
  • About
  • Privacy Policy/Disclosures
  • Advertise
  • Contact

TLD Investors

Domain Investing Stats and Tips

The Register “Top level domain explosion could wreak MAYHEM on NET”

July 5, 2011 by Raymond Hackney

In an article out today The Register talks about how things could get screwed up with the new gTLD program.

From the article:

A plan to populate the internet with hundreds or thousands of new top-level domains has security researchers pondering some of the unintended consequences that could be exploited by online criminals. Some of the scenarios aren't pretty.

Consider the mayhem that might result from addresses that end in “exchange,” “mailserver,” “domain,” or other strings that are frequently used to designate highly sensitive resources on corporate and government networks.

If a glitch ever caused an email program or other application to reach one of these external addresses, instead of the internal server carrying the identical host name, the outcome could prove disastrous for the stability of the internet.

“There's going to be a lot of cause for confusion, and it's going to make things a lot more ambiguous than they are today,” said H D Moore, CSO of Rapid7 and chief architect of the Metasploit penetration testing project. “TLDs could break widely used software products.”

An even more dire scenario would arise if online criminals intentionally acquired a strategically named TLD and used the incoming connections to harvest passwords or mount attacks on the connecting clients.

A corporate laptop, for example, that connected to an airport hotspot rather than the normal enterprise network might connect to the domain name “mailserver” controlled by hackers, rather than the trusted internal server by the same name. Similar attacks could be waged with other strings, including “wpad,” “lan,” and “local.”

Read the full article HERE

Related Content

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to print (Opens in new window)
  • Click to email this to a friend (Opens in new window)

Filed Under: New Tlds Tagged With: Domain Names, Go Daddy, Icann, Internet, New Tlds

About Raymond Hackney

Raymond Hackney has been involved with domain names since 1997. One of the most prolific writers in the domain industry and founder of TLDinvestors.com and 3Character.com

Comments

  1. Theo says

    July 5, 2011 at 5:27 am

    In the application guidebook for the new gTLD’s one can read that such names like localhost etc etc cannot be registered.
    I suggest to have the security “experts” read the documents at : http://www.icann.org/en/topics/new-gtlds/dag-en.htm
    Sure not everything mentioned there is not engraved in stone and things might and will change. But TLD’s suggested by the security “experts” already been taken care off.

Recent Posts

  • One year later 7910.com closes significantly lower
  • What’s one insight that has led you to become a better domainer?
  • MontyPython.net expires closes at $43,500

Recent Comments

  • Alpha on What is the best way to make GoDaddy auctions better?
  • Matt on Understand Your Own Magic Words
  • Anonymous on Seller of Masks.com drops asking price

Categories

Monthly Archives

domain name news

© 2021 TLD Investors · All Rights Reserved

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.