How to Hijack a Domain
In this post I will tell you how domain names are hacked and how to protect themselves. The act of piracy of domain names is generally known as domain hijacking. For most folks, the term "pharming" may seem strange. So let me first tell you what to do with pharming.
Pharming is a process by which Internet domain names have been stolen from their rightful owners. Pharming is also known as the flight envelope. Before we can proceed to learn how to hijack domain names, it is necessary to understand how domain names and how they are associated with a particular web server (website).
A domain name is the next action
Each site tells gohacking.com example consists of two parts. Domain Name (gohacking.com) and server web hosting, where files on the site is currently hosted. In reality, the domain name and web hosting server (web server), two different rooms, so they must be integrated within a site can operate without problems. The integration of the domain name with web hosting server is as follows.
1. After registering a new domain name, you get a control panel where we can get full control of the domain.
2. This control panel, we report our domain for the Web server where your site files are actually hosted.
For a clear understanding let me take a small example.
Juan register a new domain name "abc.com" from a record company X domain. Also purchase a hosting plan hosting Y. The discharge of all sound files (. Html,. Php, javascript, etc) to your web server (Y). In the domain control panel (X), which configures your domain name "abc.com" to point to your web server (Y). Now, every time an Internet user types "abc.com" domain name "abc.com" is resolved in the target Web server and the web page appears. This is how a web site actually works.
What happens when a domain was hijacked
Let's see what happens when a domain has been hijacked. To hijack the domain name simply access the control panel and point the domain name other Web servers other than the original. So, to acquire the domain that does not meet its goal of a web server.
For example, a hacker can use the control panel of the domain "abc.com". From there, the hacker re-configure the domain so that other Web servers (Z). Now that the Internet user tries to use the "abc.com" took a hacker site (Z), and John, the original site (Y).
In this case, the domain name, John (abc.com) is said to be kidnapped.
How many domain names are diverted
To hijack a domain, it is necessary to access the control panel's domain target domain. For this you need the following ingredients
1. Registrar Domain Name to the target domain.
2. The administrative email address associated to the target domain.
This information can be obtained by opening the domain WHOIS data target. For access to WHOIS data, whois.domaintools.com goto, enter the target area and click on Search. When the whois data is loaded, scroll down and you will see Whois Record. Meanwhile, you have "administrative contact email address."
To obtain the domain name registration, search for something like this in the Whois record. "Registration Service provided by:. Company XYZ" XYZ Here is the domain registrar. If not found, then scroll up and see the ICANN Registrar under the "Registration Data." In this case, the registrar of ICANN is responsible for the actual domain registration.
The administrative email address associated with that domain name is the back door to hijack the domain name. It is the key to open the control panel area. Therefore, to take complete control of the domain, the attacker hacking the administrative e-mail associated with it. Email hacking is discussed in my previous post how to hack an email account.
Once the attacker to take complete control of that email account, to visit the web domain name registration and click Forgot your password at the logon page. There will be asked to enter the domain name or e-mail management to begin the process of resetting your password. Once this is all the information to reset your password will be sent to the e-mail management. Since the attacker has access to that email account, you can reset the password for the domain control panel. After resetting the password, it connects the control panel with the new password and from there you can turn the field in minutes.
Protecting your domain name has been hijacked
The best way to protect your domain name to protect the administrative account e-mail in connection with the domain name. If you miss this email account, you lose your domain. So please see my previous post on how to protect your e-mail account was hacked. The second best way to protect your domain is to go to the registration of a domain name private. When you register a domain through a registration option for all your private personal information such as name, address, telephone and administrative e-mail address hidden from the public. So when an attacker to run whois for your domain, it can not find your name, phone number and email address administratively. Registration for both the private and offers greater security and privacy. Private domain registration to pay a bit 'more volume, but well worth its benefits.
Each domain registrar has the opportunity to attend private registration, so when you buy a new domain make sure you choose the option of private registration.
0 comments:
Post a Comment