## page was renamed from DNS/SubdomainTakeover/PatrikHudak/Risks
## page was renamed from DNS/hijacking/PatrikHudak/Risks

Patrik Hudak — Subdomain Takeover: Thoughts on Risks

https://0xpatrik.com/subdomain-takeover/

To prevent subdomain takeover in the future, organizations should change the process of creating and destroying resources in their infrastructure. For resource creation, creating the DNS record has to be the last step of the process. This condition prevents the DNS record from pointing to a non-existent domain at any point in time. For resource destruction, the opposite holds: the DNS record needs to be removed as the first step of the process.

Tools such as aquatone include checks for subdomain takeover. An organization's security team should run these checks periodically to verify that there are no vulnerable domains. Processes for centrally collecting exposed domain names are often inefficient inside organizations (due to global teams, etc.), and external monitoring is usually the best way to go.

A mitigation strategy for cloud providers should be considered as well. Cloud services do not verify domain ownership. The reason behind this is primarily convenience. A cloud provider does not introduce any vulnerability by not verifying ownership of a source domain name. It is therefore up to the user to monitor their DNS records. Another reason is that when a cloud resource is removed, the user is usually no longer a customer of that service. The question cloud providers then ask themselves is: why should we even care?

Providers such as GitLab realized that subdomain takeover is an issue and implemented a domain verification mechanism.

{{{
Some parts of this post are excerpts from my Master's Thesis.
}}}
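One way a security team could run the periodic check described above over its own zone data (an added example, not code from the original post or from aquatone). The zone contents, the `example.com` origin, the `cloudhost.example` targets and all function names are constructed for illustration.

```python
import socket

# Constructed sample zone data; names and targets are placeholders.
SAMPLE_ZONE = """\
; constructed records for illustration
www     3600 IN CNAME app-prod.cloudhost.example.
shop    3600 IN CNAME old-shop.cloudhost.example.
docs    300  IN CNAME pages.cloudhost.example.
mail    3600 IN A     192.0.2.10
"""

def parse_cnames(zone_text, origin):
    """Return (fqdn, target) pairs for every CNAME record in zone_text."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        if len(fields) == 5 and fields[2].upper() == "IN" and fields[3].upper() == "CNAME":
            name, target = fields[0], fields[4]
            # Relative owner names are completed with the zone origin.
            fqdn = name.rstrip(".") if name.endswith(".") else f"{name}.{origin}"
            records.append((fqdn.lower(), target.rstrip(".").lower()))
    return records

def system_resolves(hostname):
    """True if the system resolver returns at least one address."""
    try:
        return bool(socket.getaddrinfo(hostname, None))
    except socket.gaierror:
        return False

def find_dangling(zone_text, origin, resolves=system_resolves):
    """CNAMEs whose target no longer resolves: records to remove from the zone."""
    return [(fqdn, target) for fqdn, target in parse_cnames(zone_text, origin)
            if not resolves(target)]

if __name__ == "__main__":
    for fqdn, target in find_dangling(SAMPLE_ZONE, "example.com"):
        print(f"DANGLING {fqdn} -> {target}")
```

A target that still resolves can nonetheless be unclaimed on the provider side, so this is a first-pass check; the `resolves` parameter lets a provider-specific check be substituted.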