Sunday, April 20, 2008

DNS Re-direct Hole

Many ISP's including cablecos,, and ELN, use DNS Re-direct services. It is a small way to monetize a network. ELN uses Barefruit, which is a company I repped for when they tried to launch in the States.

Users don't like it because they think it muddles their "clean" connection.

Domain owners hate it because it messes with their income, since many of these guys own 200,000+ domains including misspellings of common names and URLs. These folks want to keep the money on the re-directs, not let the ISP's have it.

The one group (other than the ISPs) that likes this system is the hacker community. On DSLReports, read about the hack that lets phishing sites work. The Washington Post blog has the full explanation. [Note that Barefruit has already fixed this flaw.]

No comments: