Yahoo! -- A "Phisher-friendly" hosting domain?
william(at)elan.net
william at elan.net
Wed Aug 31 21:16:17 UTC 2005
On Wed, 31 Aug 2005, Fergie (Paul Ferguson) wrote:
> Someone is... or trying to, at least, watch and contact the
> responsible owners/registrars, but in some cases they aren't
> apparently eager to assist.
Some registrars are good and some are bad and without better controls
being developed by ICANN, user-based reputation system will eventually
come in and will be greatly despised by registrars (like many ISPs
do not like RBLs) but nonetheless widely used by users.
> -- Alex Rubenstein <alex at nac.net> wrote:
>
> Shouldn't someone be watching these, though?
> root at sodium:~# whois paypal.com
>
> [...]
>
> PAYPAL.COM.SV04.COM
> PAYPAL.COM.LIMITSPEED.NET
> PAYPAL.COM
Above are hostnames under another domain that were registered as nameservers
(which seems to be mostly for fun so it would show up in whois for those
using less-then-smart whois clients). I don't think above names have
anything to do with phishing at all since for phishing one could easily
just setup host "paypal.phisherdomain.com" (without any registration in
whois), but that is not widely used and a lot more common are attempts at
something like paypa1.com.
--
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list