Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Amazon phishing scam on Yahoo servers

from [Vincent Archer] Network Security [Permanent Link]
Subject: Re: Amazon phishing scam on Yahoo servers
Date: Fri, 24 Feb 2006 11:14:58 +0100 
On Wed, Feb 22, 2006 at 05:32:13PM +1030, Geoff Vass wrote:

Surely someone, somewhere, has to take some responsibility for allowing
domains to be created which are clearly and obviously bogus. Who could
possibly have a reason to register paypal-unlocking.net?


Allowing?

Registration of domains is a completely automated process. There are
no humans anywhere in the loop of domain creation and management, unless
there is a technical problem in that process, or the customer has a
problem. I know, I used to work for a mid-size registrar.

Smaller domains (small countries TLD) might have people in the loop,
due to low volume, but theres hundreds of thousand created, deleted
and modified domains in the big three (.com/.net/.org) every day. Almost
none of them comes to human attention from creation to deletion years
after.


or another. I wonder if it's possible to register a domain with the name
George W Bush or F. Castro..


Considering then number of domains I've seen registered with a well known
address at the North Pole... you won't have a problem. As I said, no
human will ever set his eyes on your registration, until the time there's
a problem with it (which happened to me, when one of my customers did
ask for a domain transfer, and had problems proving his ownership of the
domain - I kept telling him he obviously wasn't Santa Claus, and I wasn't
moving the domain until I got a copy of Santa Claus' ID)

-- 
Vincent ARCHER - archer@frmug.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] [ GLSA 200602-14 ] noweb: Insecure temporary file creation, Thierry Carrez
Next by Date:  Re: DarkStarlings.com XSS Vulnerability, webmaster
Previous by Thread:  RE: Amazon phishing scam on Yahoo servers, Paul Laudanski
Next by Thread:  Re: Amazon phishing scam on Yahoo servers, Stefan Kelm
Indexes:  [Date] [Thread] [Top] [All Lists]