About Us | Contact Us
View Cart

New Top Level Domains Could Expose Companies To Risk

By Vigilize | Wednesday, June 15, 2016 - Leave a Comment

An article review.


Opportunistic hackers could register new TLDs hoping to prey on misdirected internal traffic


ServIcons_ITAudit_01

 

The US Computer Emergency Readiness Team (US-CERT) recently issued a statement for organizations who use top level domain names to route internal traffic, warning that misconfigured proxy servers could route requests for those names to newly registered external domains.

The potential attack is linked to the Web Proxy Auto-Discovery (WPAD) service in Windows, which attempts to standardize web proxy configurations across a network by downloading settings from a central server. Domain name requests intended for WPAD have been observed reaching servers on the open internet in the past, potentially leading to a situation where internal network traffic gets routed to a domain specifically selected to try and catch these requests for malicious purposes.

Considering the increase in top level domain names from less than a dozen to over 1,200 it’s impossible to know what formerly unused names could become live in the future, so security experts suggest companies either use names they’ve registered themselves or make certain no internal DNS requests can make it to the outside.


Original article by US-CERT.


same_strip_012513


 

Leave a comment

(required)

(required) [will not be published]

Solve this Captcha * Time limit is exhausted. Please reload CAPTCHA.

Latest News