subdomain hijacked?

Ken Chase ken at
Mon Nov 22 11:05:21 CST 2010

On Mon, Nov 22, 2010 at 08:49:48AM -0800, Wil Schultz said:
  >Appears that it's a CNAME for 
  >The expiry day is 11/22/2011, so if I were to guess I would think that the domain expired, sent to an advert page, and was just renewed.

Smartest attack is to put up a page that looks exactly the same as the
legit site, but with your own cheaper crappier knockoff starwars paraphenalia
('duke', 'tewey', 'princess luba') that you sell instead and make the huge

Not to give anyone any ideas that werent obvious like 15 years ago.

How anyone can tell the internet is legit at a glance is beyond me. Need
to hookup firefox's security warning to my speakers to get a modicum of
alert that SSL is busted, to start, nevermind anything more creative.

That phishers manage to fake sites that look wrong is also beyond me, what's
so hard about 'save page as'?

Ken Chase - ken at - +1 416 897 6284 - Toronto CANADA
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.

More information about the NANOG mailing list