Questions tagged [dns-domain]
A domain name is an identification string that defines a realm of administrative autonomy, authority, or control on the Internet. Domain names are formed by the rules and procedures of the Domain Name System (DNS). Technically, any name registered in the DNS is a domain name.
140
questions
2
votes
1
answer
144
views
Anything I can do to combat malicious domains?
On Facebook, malware is currently trying to spread itself using the domain googlediver (dot) com, one sample of a malicious url is https://googlediver (dot) com/list-of-traveling-staff , and I believe ...
- 583
0
votes
1
answer
266
views
Since the DS recordset contains all of the child's Key Signing Key, wouldn't the DS recordset be massive and difficult to load for verification?
I'm learning about DNSSEC today but I don't quite understand about how a parent zone would store all of its child's Key Signing Keys (DNSKEY 257) in its DS record set.
As far as I understand, if I ...
- 367
1
vote
2
answers
230
views
Country code top-level domain (ccTLD) hijacking?
Imagine a country ruled by a non-democratic government with an explicit disregard to local and international laws. The national registry for local domains (Country code top-level domains) falls under ...
- 11
0
votes
1
answer
254
views
How secure is my IP address?
I have a public facing IP address setup at a VM in the Google Cloud Platform.
I am wondering, if it is possible as an outsider to take away this public IP, or pretend another computer is this public ...
1
vote
1
answer
411
views
What does a domain seizure entail?
For context, I have limited knowledge pertaining to computer networks, and the recent seizure of z-library brought up some questions I am unsure of, and I can't seem to find much information online.
...
0
votes
1
answer
112
views
Real time domain verification through DV cert or DNS check?
I want to add an extra layer of security/validation into our app/network. I plan to do some mTLS in which we will provide customers with a certificate to use in the TLS handshake. However, I want the ...
- 101
1
vote
1
answer
271
views
DNS reverse lookup not finding domain name during enumeration
While enumerating a DNS server for a HTB machine, I've tried finding a domain name for 127.0.0.1:
┌──(kali㉿kali)-[~]
└─$ dig -x 127.0.0.1 @10.10.11.166
; <<>> DiG 9.18.1-1-Debian <<...
- 113
0
votes
1
answer
520
views
DNS Enumeration by IP Address
I know all baseline steps to do DNS enumeration over a domain. But my questions is: how can I enumerate a server when I do not know which domain it is managing and I only have its IP address?
My ...
- 11
-2
votes
1
answer
416
views
What TLDs are safe to whitelist?
What top-level domains (TLD) are safe and would be safe for example to whitelist?
I guess .gov and .mil are safe?
While .com, .net and .org are not since anyone can register those.
Is .int safe? And ...
- 97
0
votes
2
answers
651
views
Why can't I connect to a website via its IP address?
When I type in PowerShell
ping security.stackexchange.com
...it gives me the following:
Pinging security.stackexchange.com [151.101.193.69]
And as far as I understand, this IP address corresponds to ...
- 113
0
votes
2
answers
553
views
Is there any domain name one could use as a fake malicious website example?
I'm looking for some domain name whose purpose is to act as a bogus malicious/suspicious/untrusted website or endpoint to be used as an example or in documentation.
IANA has reserved example.com for ...
- 111
0
votes
0
answers
113
views
Blacklist of hostname/IP so user cannot access my server private network?
My Web API acts as a proxy for users to connect to another server: User ➡️ My Server ➡️ Any Internet Server. They do that by specify a hostname ftp.example.com or 111.111.111.111. I do not want them ...
- 109
24
votes
4
answers
5k
views
Why are SSL CAs prohibiting double dash in third and fourth characters?
Digicert has disallowed "double dashes" in the third and fourth characters in new certs:
Effective October 1, 2021, for publicly trusted TLS/SSL certificates, we no longer allow the use of ...
- 1,343
2
votes
0
answers
466
views
All private subdomains found and listed, including those from my home IP
It's been my understanding in the past years that it's not easily possible to find out all the subdomains of a domain (unless these are used publicly, like in hyperlinks, etc), and likewise not easily ...
- 215
1
vote
3
answers
3k
views
Scanning a domain name
When we scan a domain name such as www.nmap.org,
Question 1: We are actually scanning the server that the website is hosted on, right?
Question 2: If there is another domain hosted on the same server, ...
- 41