Is it possible for a crook to redirect a website visit/landing on your domain to elsewhere? Say a visitor's intended website is knowledgenotebook.com, but the crook redirects the user to google.com or yahoo.com or anything else? And doing so randomly, so it can try to avoid detection...

Thanks.

+2  A: 

Yes, he can do it by modifying the hosts file.

SQLMenace
Or, if they're feeling ambitious, hijack the authoritative DNS entry, so it affects more than just the one machine. :-)
Steven Sudit
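As an added example (not part of the original answers), here is one way to audit a hosts file for entries that pin a watched domain to an unexpected address, which is the hosts-file technique mentioned above. The function names, the sample hosts content, and the IP addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample hosts content (documentation-range IPs, not from a real machine).
SAMPLE_HOSTS = """\
# localhost entries
127.0.0.1   localhost
::1         localhost ip6-localhost
203.0.113.7 knowledgenotebook.com www.KnowledgeNotebook.com  # constructed override
192.0.2.10  intranet.example
0.0.0.0     ads.example
not-an-ip   knowledgenotebook.com
"""

def parse_hosts(text):
    """Yield (line_no, ip, names) per valid entry; skip comments and malformed lines."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue                            # blank or incomplete line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an IP address
        # Hostnames are case-insensitive; a trailing dot is the same name.
        yield line_no, ip, [n.lower().rstrip(".") for n in fields[1:]]

def find_overrides(text, watched, expected_ips=()):
    """Return (line_no, name, ip) for entries mapping a watched domain, or any
    of its subdomains, to an address that is not in expected_ips."""
    watched = [w.lower().rstrip(".") for w in watched]
    expected = {ipaddress.ip_address(ip) for ip in expected_ips}
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            hit = any(name == w or name.endswith("." + w) for w in watched)
            if hit and ip not in expected:
                findings.append((line_no, name, str(ip)))
    return findings

if __name__ == "__main__":
    for line_no, name, ip in find_overrides(SAMPLE_HOSTS, ["knowledgenotebook.com"]):
        print(f"line {line_no}: {name} is pinned to {ip}")
```

To check a real machine, pass the contents of its hosts file (`/etc/hosts` on Linux and macOS, `C:\Windows\System32\drivers\etc\hosts` on Windows) as `text`.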
+3  A: 

I believe you can do that with DNS cache poisoning or XSS.

With DNS poisoning it would still say knowledgenotebook.com in the URL. With XSS I think it would have to have the new URL.

What do you mean by randomly? As in user X will get redirected but users Y and Z will not? If that is what you mean then they could probably randomize it with XSS. I don't think it could be randomized using DNS poisoning...

Abe Miessler
Or they could use a BHO or other client-side plug-in to mess with things. The options are, if not endless, at least vast.
Steven Sudit
+3  A: 

Yes, it is possible. He can use several techniques to achieve that, like DNS hijacking, IP spoofing, ARP poisoning, editing the hosts file, etc. Hakin9 is a very good magazine for beginners (but not only) interested in security matters.

doc
There are so many ways to do this, and which is easiest depends on many factors.
David Heise
Don Don
@Don Don: What do you mean by marketing on the software? Since marketing, I think, is a separate sphere of the software industry(?)
doc
+1  A: 

Yes, it is possible. The best way for your users to ensure that they are actually getting your site is to use an SSL certificate. The HTTPS protocol requires browsers to verify that the domain name they are trying to get matches the domain name of the certificate (otherwise you'll get a security warning in your browser).

There's not really any way to prevent all the possible ways that someone can do this, as it can happen anywhere between your server and the user. DNSSEC is supposed to help with some of these issues, like cache poisoning.

Bob
That's helpful, but there are ways to fake that out, too. In particular, SSL's weak point at this time is in the certificate generation, not the protocol itself. Too many entities -- many of whom are easily-bribed, third-world agencies -- are capable of issuing certificates.
Steven Sudit
@Steven Sudit: he has written that there is no way to prevent it. And SSL's weakest point was always security holes. While it brings some security it also brings a lot of other vulnerabilities. And SSL cannot prevent attacks like server-side code injections, for example.
doc
Don Don