Fwd: DNS Misconfiguration on- http://cyberia.net.sa/

Fred Morris m3047 at m3047.net
Fri Jun 5 16:16:37 UTC 2020


Hrmmm... I'm reminded of something else I've seen reported on recently...

On Fri, 5 Jun 2020, Ejaz Ahmed wrote:
> localhost.cyberia.net.sa

I don't know if you've been paying attention, but it's been reported that 
among others EBay has been port scanning visitor's devices [0]. Having 
localhost.ebay.com could be handy for them in terms of circumventing some 
rules on setting of cookies and the execution of scripts. Not saying 
that's what they're doing, heaven forbid.

Any domain you visit could have entries in it which point to e.g. 
localhost or nonrouting addresses commonly used for gateways, things like 
that.

This is not a DNS problem, it's a problem in what commonly used programs 
aid and abet in the name of "freedom of commerce" or something.

--

Fred Morris

--

[0] 
https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-computers-for-remote-access-programs/



More information about the bind-users mailing list