Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: Help required in decoding suspicious URL Share/Save - My123World.Com!

  1. #11

  2. #12
    Quote Originally Posted by abhaythehero View Post
    So that means lookup tools must give some information about these url ? Still confused about the domain though ? Are their any non commercial DNS servers that would give them the liberty to take such a url ?
    You seem to have forgotten there are multiple . [dot] in the url so these can be subdomains the attacker only needs to register last part as domain.
    So in that case the DNS query would go to his main domain and he can create dynamic subdomains which can expire every day or for that case after any specific amount of time he want. So only last high level domain wouldnt change in that case. And for the last domain also he can register some 10-20 domains as top level domain and use some of them based on algorithm.

    (A Suggestion - Never forget your basic Tanenbom Networking TCPIP book)
    Orkut id: neo1981
    Blog: infosec-neo.blogspot.com
    Nothing is Impossible*


    *Conditions Apply

  3. #13
    Super Commando Dhruv abhaythehero's Avatar
    Join Date
    Sep 2010
    Location
    Lucknow/Pune,India
    Posts
    466
    Blog Entries
    2
    Oops failed to see the dots between dashes. I get it now. But 0-0-0-0-0-0-0-0-0-0-0-0-0-34-0-0-0-0-0-0-0-0-0-0-0-0-0 as a domain still seems a little out of the way. Guess the domain controllers will allow such type after all.

    B/w thanks for the suggestion. Tanenbaum always freaked me out during the semesters so I never touched the book Would give it another chance.
    In the world of 0s and 1s, are you a zero or The One !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •