what if...?
Christian de Larrinaga
cdel at firsthand.net
Tue Dec 20 17:14:53 UTC 2011
You tell that to http://www.charset.org/punycode.php?encoded=xn--m_omaaamk.com&decode=Punycode+to+normal+text
Normal text
FMQQSQQT.com
to Punycode
xn--m_omaaamk.com
?
On 20 Dec 2011, at 17:00, Jared Mauch wrote:
>
> On Dec 20, 2011, at 11:37 AM, Eduardo A. Suárez wrote:
>
>> Hi,
>>
>> what if evil guys hack my mom ISP DNS servers and use RPZ to redirect traffic from mom_bank.com to evil.com?
>>
>> How can she detect this?
>
> Thankfully mom_bank.com is not valid, as underscores aren't valid in dns names :)
>
> Additionally, SSL certificates combined with DNSSEC/DANE can provide some protection. Some of this technology may not be available today, but is worth tracking if you are interested in this topic.
>
> - Jared
More information about the NANOG
mailing list