Age old DNS hack reappears

[Simon Lockhart <simonl () rd bbc co uk>]

Had this reported to us, which I thought people might be interested in. 
This had happened in .uk several years ago, which prompted a rule to 
forbid sub-domains of .uk which are the same as a TLD.

> It appears that someone has registered "uk.co.za" as a domain and is using
> this to fake well-known domain names such as bbc.co.uk. What they have
> done is created DNS entries for "bbc.co.uk.co.za" and
> "news.bbc.co.uk.co.za" so that when someone types e.g. "news.bbc.co.uk" in
> their browser the DNS lookup first finds the "local" site
> "news.bbc.co.uk.co.za" and returns that in preference to the desired site
> "news.bbc.co.uk". In this instance the fake DNS entry contains a redirect
> to the site "http://www.guitarpunk.com/home/mosrite.htm"; which is an
> advert for electric guitars. 
>
> As a user of the DNS I strongly object to the hijacking of the namespace
> in this manner and request that the co.za domain administrators
> immediately suspend the domain uk.co.za and that you prohibit any future
> registrations of domains xx.co.za where xx is a valid top-level domain.

HTH,

Simon
-- 
Simon Lockhart                       |   Tel: +44 (0)1737 839676 
Internet Engineering Manager         |   Fax: +44 (0)1737 839516 
BBC Internet Services                | Email: Simon.Lockhart () bbc co uk 
Kingswood Warren,Tadworth,Surrey,UK  |   URL: http://support.bbc.co.uk/