Follow

Ooh, corp.com looks like a great investment ...

krebsonsecurity.com/2020/02/da

"It was terrifying,” Schmidt said. “We discontinued the experiment after 15 minutes and destroyed the data. A well-known offensive tester that consulted with JAS on this remarked that during the experiment it was ‘raining credentials’ and that he’d never seen anything like it.”

@yojimbo I should have already known something like this was true, but it appears the only thing keeping the internet from collapsing is the fact that some guy who owns a couple of really old domain names isn't an asshole.

@Anarkat There isn't just one of them, there was/is a whole list of good people who built and preserved most of the Internet as a public resource. But they're ageing away ...

@thegibson @yojimbo I should email this to my company’s IT since I had previously pointed out using .corp as AD TLD was wrong. Sigh.

@yojimbo I don’t understand why the DNS normalisation rewrites ‘corp’ to ‘corp.com’, at all. It should just fail to resolve if outside of AD network?? (unless .corp is in new icann TLDs)

@sophistoche It will be down to the DNS search order - if you pass an unterminated name (i.e. one that doesn't end with a .) your machine will try to query for a whole series of alternatives in the local DNS - which should be subject to the organisation's own settings, but if the computer in question is "at starbucks" then it's at the mercy of crappy consumer-grade wifi routers.

If you ask for "machine.corp" and don't get an answer, your DNS service (should be just your PC, but sometimes the DNS servers will get in to the mix by being over-helpful) will generally try adding some suffixes to the end, which should be pretty much only "mycompany.com". If those don't match, your PC might try ".com", ".net" or ".org" (because after all, those were the only important domains, right?)

It needs a series of misconfigurations to make it go bad, but that's the nature of a standard Microsoft environment - an unending series of #wrong-by-default-but-works-enough-that-you-never-bother-configuring-it-until-its-too-late

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.