tags:

views:

45

answers:

1
+2  Q: 

Why/how would a domain URL show client's localhost address?

I was trying to go to http://lustiges-taschenbuch.de which is a valid comic book site.

I mistyped the address as http://lustigestaschenbuch.de and was surprised to see my own apache localhost directory (!). This happens on two computers in Windows 7.

I checked my c:\windows\system32\drivers\etc\hosts file but it has nothing listed.

I looked it up on http://www.whoishostingthis.com on this site but it cannot find an owner.

I looked it up on denic, and it says the owner is: 

Domaininhaber:      Tapon del Darien LLC
Organisation:   Tapon del Darien LLC
Adresse:    First Floor-Commercial Area
Calle 53 , Marbella
P.O. BOX 0832-0588
PLZ:    0832-0588
Ort:    Panama City
Land:   PA

Can anyone explain why and how this domain is showing the client computer's localhost directory?

+5  A: 

Don't worry! The DNS settings for the domain just point it back to the localhost address 127.0.0.1 for anyone that visits the address they'll see their local server (or a 404 message if they don't have one), but it doesn't mean anyone else can see it/will see it when they visit the domain. I don't know why it's set that way for the domain, perhaps the domain owner can tell you.

dig output:

;; ANSWER SECTION:
lustigestaschenbuch.de. 86400   IN      A       127.0.0.1

;; AUTHORITY SECTION:
lustigestaschenbuch.de. 86400   IN      NS      ns2.sedoparking.com.
lustigestaschenbuch.de. 86400   IN      NS      ns1.sedoparking.com.

... the sedoparking.com suggests perhaps someone bought & parked this domain for use later, or is sitting on it hoping to sell it later.

Rudu  2010-10-15 19:45:01
but is there a (hacking) reason for doing this, e.g perhaps certain localhosts are set up to send information to the original URL which directed to it, etc? I'm just trying to think of a reason why someone would go through the trouble to redirect a URL they are sitting on to a client's localhost
Edward Tanguay  2010-10-15 19:48:42
It's not a client's localhost, it is the localhost of the visiting machine. There's no hacking benefit (the DNS server can't do anything about it, it just provides the IP for the requested domain, it's up to whatever's requesting the info to decide what to do with it). It could be because the domain owner has no other use for it, and likes to visit his own machine in the browser by typing in `http://lustigestaschenbuch.de`
Rudu  2010-10-15 19:53:51
An approximate simile: Abe registers his phone number as 0 in the phonebook. When you call Abe, he doesn't automatically learn everything from the operator - in fact he doesn't even know you made the call (meanwhile the operator doesn't know why everyone's asking for Abe ;)).
Rudu  2010-10-15 19:57:52
yes, that's what I meant: client = visiting machine, that makes sense I suppose, in any case, it's disconcerting to anyone who visits it and has a site set up on localhost :-o
Edward Tanguay  2010-10-15 19:58:18

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security