Describe DNS/take-down here.

Google Blocks Dozens of Malicious Domains Operated by Hack-for-Hire Groups, June 30, 2022, Ravie Lakshmanan https://thehackernews.com/2022/06/google-blocks-dozens-of-malicious.html

https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_02B-1_Alowaisheq_paper.pdf

Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs

In addition, we showed that the misconfiguration of DNS records corresponding to the sinkholed domains allowed us to hijack a domain that was seized by the FBI.

Further, we found that expired sinkholes have caused the transfer of around 30K taken-down domains whose traffic is now under the control of new owner


Findings

Interestingly, we also found that some take-down parties utilize a Cloud DNS service for sinkholing and leave their NS records outdated after they have stopped using the cloud DNS service. We discovered such a problem in the FBI’s take-down action and successfully took over a domain taken-down by the FBI with an outdated NS record, and redirected its traffic to a web server under our control.
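A take-down operator can catch the outdated NS records described above by checking that every nameserver a sinkholed domain is delegated to still answers authoritatively for it. The following is an added example, not code from the paper or from this page; it classifies SOA replies by their DNS header, and all domain names, nameserver names and reply bytes in it are constructed sample data.

```python
import struct

NOERROR = 0  # RCODE 0 (RFC 1035)

def parse_header(resp: bytes):
    """Return (aa, rcode, ancount) from the 12-byte DNS header of a response."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", resp[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    return bool(flags & 0x0400), flags & 0x000F, ancount

def classify_ns(resp):
    """Classify one nameserver's reply to an SOA query for the delegated zone."""
    if resp is None:
        return "unreachable"  # no reply at all; may be transient, so re-check
    aa, rcode, ancount = parse_header(resp)
    if rcode == NOERROR and aa and ancount > 0:
        return "authoritative"
    return "lame"  # REFUSED, SERVFAIL or no AA bit: not answering for the zone

def audit(delegations, replies):
    """Map each domain to the delegated NS hosts that no longer serve it."""
    findings = {}
    for domain, ns_hosts in delegations.items():
        status = {ns: classify_ns(replies.get((domain, ns))) for ns in ns_hosts}
        bad = {ns: s for ns, s in status.items() if s != "authoritative"}
        if bad:
            findings[domain] = bad
    return findings

def _hdr(flags, ancount):
    """Build a constructed 12-byte response header for the sample data."""
    return struct.pack("!6H", 0x1234, flags, 1, ancount, 0, 0)

# Constructed sample data: NS sets as published in the parent zone, and the
# reply each nameserver gave to an SOA query for the domain.
DELEGATIONS = {
    "sinkholed-a.example": ["ns1.clouddns.example", "ns2.clouddns.example"],
    "sinkholed-b.example": ["ns1.sinkhole.example"],
}
REPLIES = {
    ("sinkholed-a.example", "ns1.clouddns.example"): _hdr(0x8005, 0),  # REFUSED
    ("sinkholed-a.example", "ns2.clouddns.example"): None,             # timeout
    ("sinkholed-b.example", "ns1.sinkhole.example"): _hdr(0x8400, 1),  # AA + answer
}

if __name__ == "__main__":
    for domain, bad in audit(DELEGATIONS, REPLIES).items():
        print(domain, bad)
```

A domain reported here should have its NS records corrected at the registry or its zone recreated before the hosting account is released.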

MoinQ: DNS/take-down (last edited 2022-07-01 13:03:30 by ToshinoriMaeno)