16th July 2013
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
|
|
Generic TLDs Threaten Name Collisions, Information Leakage
From http://www.darkreading.com/advanced-...s-in/240158075
Quote:
As the Internet Corporation for Assigned Names and Numbers (ICANN) continues its march toward the eventual approval of hundreds, if not more than 1,000, generic top-level domains (gTLDs), security experts warn that some of the proposed names could weaken network security at many companies.
Two major issues could cause problems for companies: If domain names that are frequently used on a company's internal network -- such as .corp, .mail, and .exchange -- become accepted gTLDs, then organizations could inadvertently expose data and server access to the Internet. In addition, would-be attackers could easily pick up certificates for domains that are not yet assigned and cache them for use in man-in-the-middle attacks when the specific gTLD is deployed.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|