nanog mailing list archives

Re: what if...?

From: Christian de Larrinaga <cdel () firsthand net>
Date: Tue, 20 Dec 2011 17:14:53 +0000

You tell that to http://www.charset.org/punycode.php?encoded=xn--m_omaaamk.com&decode=Punycode+to+normal+text


Normal text 
FMQQSQQT.com

to Punycode 
xn--m_omaaamk.com

?


On 20 Dec 2011, at 17:00, Jared Mauch wrote:


On Dec 20, 2011, at 11:37 AM, Eduardo A. Suárez wrote:

Hi,

what if evil guys hack my mom ISP DNS servers and use RPZ to redirect traffic from mom_bank.com to evil.com?

How can she detect this?


Thankfully mom_bank.com is not valid, as underscores aren't valid in dns names :)

Additionally, SSL certificates combined with DNSSEC/DANE can provide some protection.  Some of this technology may 
not be available today, but is worth tracking if you are interested in this topic.

- Jared

Current thread:

what if...? Eduardo A. Suárez (Dec 20)
- RE: what if...? Matlock, Kenneth L (Dec 20)
- Re: what if...? Valdis . Kletnieks (Dec 20)
  - Re: what if...? bmanning (Dec 20)
  - Message not available
    - Re: what if...? Valdis . Kletnieks (Dec 20)
    - Re: what if...? Michael Sinatra (Dec 20)
- Re: what if...? Jared Mauch (Dec 20)
  - Re: what if...? Christian de Larrinaga (Dec 20)
    - Re: what if...? Seth Mattinen (Dec 20)
    - Message not available
    - Re: what if...? Seth Mattinen (Dec 20)
- Re: what if...? Marshall Eubanks (Dec 20)
  - Re: what if...? Jeroen van Aart (Dec 22)
    - Re: what if...? Steven Bellovin (Dec 22)
- Re: what if...? Ken Gilmour (Dec 20)
- Re: what if...? Mark Andrews (Dec 20)