MoinQ: DNS/hijacking/解説記事/detectify/herokugithubdesk

• RecentChanges
• FindPage
• HelpContents
• herokugithubdesk

• Immutable Page
• Comments
• Info
• Attachments
• More Actions: Raw Text Print View Render as Docbook Delete Cache ------------------------ Check Spelling Like Pages Local Site Map ------------------------ Rename Page Delete Page ------------------------ Subscribe User ------------------------ Remove Spam Revert to this revision Package Pages Sync Pages ------------------------ CreateNewPage Load PageActions Save SlideShow Thumbnails

Your company starts using a new service, eg an external Support Ticketing-service.

Your company points a subdomain to the Support Ticketing-service, eg support.your-domain.com

Your company stops using this service but does not remove the subdomain redirection pointing to the ticketing system.

Attacker signs up for the Service and claims the domain as theirs. 
  No verification is done by the Service Provider, and the DNS-setup is already correctly setup.
    
Attacker can now build a complete clone of the real site, add a login form, redirect the user, steal credentials (e.g. admin accounts), cookies and/or completely destroy business credibility for your company.

MoinQ: DNS/hijacking/解説記事/detectify/herokugithubdesk (last edited 2023-09-16 05:01:10 by ToshinoriMaeno)

• Immutable Page
• Comments
• Info
• Attachments
• More Actions: Raw Text Print View Render as Docbook Delete Cache ------------------------ Check Spelling Like Pages Local Site Map ------------------------ Rename Page Delete Page ------------------------ Subscribe User ------------------------ Remove Spam Revert to this revision Package Pages Sync Pages ------------------------ CreateNewPage Load PageActions Save SlideShow Thumbnails

• MoinMoin Powered
• Python Powered
• GPL licensed
• Valid HTML 4.01