DNS and potential energy
hag at linnaean.org
Tue Jul 1 16:16:20 UTC 2008
Rob Pickering <rob at pickering.org> writes:
> Or .com. Oddly enough I just now found a Windows box and typed
> "command.com" in a browser URL bar and it did what I expected, when I
> typed the same thing at a cmd prompt it did something different and I
> expected that too.
1. Copy \windows\system32\cmd.exe to the desktop.
2. Run internet exploder.
3. Type "cmd.exe" in the address bar and observe what happens.
I don't know about you, but given ie's default download location, and
your (apparently common) erroneous expectation, this looks ripe for
social engineering to me.
More information about the NANOG