View Single Post
  #1   (View Single Post)  
Old 16th July 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default Generic TLDs Threaten Name Collisions, Information Leakage

From http://www.darkreading.com/advanced-...s-in/240158075

Quote:
As the Internet Corporation for Assigned Names and Numbers (ICANN) continues its march toward the eventual approval of hundreds, if not more than 1,000, generic top-level domains (gTLDs), security experts warn that some of the proposed names could weaken network security at many companies.

Two major issues could cause problems for companies: If domain names that are frequently used on a company's internal network -- such as .corp, .mail, and .exchange -- become accepted gTLDs, then organizations could inadvertently expose data and server access to the Internet. In addition, would-be attackers could easily pick up certificates for domains that are not yet assigned and cache them for use in man-in-the-middle attacks when the specific gTLD is deployed.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote