SEO Via DNS "Piggybacking" 74
An anonymous reader writes "There is an interesting story over at the SANS Internet Storm Center that shows details on about 50 organizations that have had new machine names added to their DNS zone information. These were then pointed to sites used to boost the search engine cred of pharma, personals, and porn sites. If you outsource your DNS, how would you ever catch something like this?"
My hobby (Score:3)
is signing up the contact emails of SEO companies to v1agr4 mailing lists. Fight spam with spam.
Re: (Score:1)
Excuse me, but might I point out that SEO is not spam. Some spam tactics are used by the less scrupulous SEO firms out there, but the two are very different beasts.
I, for one, direct my clients in proper selection and placement of keywords on their sites and assist them in optimizing their content so that it can be more easily browsed by their users. The end result of this process is typically a site that is accessible to search engines and end users alike, with reasonable rankings in relevant searches. No
Re: (Score:2)
Re: (Score:2)
Yes, in exactly the same way that winning a race is "gaming the system". I mean, only an out-and-out cheat would do something like observe what the conditions for winning are, and try to improve their own performance to match those conditions.
Re: (Score:2)
Making your site better for users, by following the guidelines provided by the search engine providers, perhaps?
I mean, what would a search engine company like Google know about making information easy to find and sites easy to navigate?
Re: (Score:1)
Making your site better for users, by following the guidelines provided by the search engine providers, perhaps?
I mean, what would a search engine company like Google know about making information easy to find and sites easy to navigate?
Sites easy to navigate? Given my late experience with using Google's site, very little.
Well, I now do my searches through Startpage, there the web page still behaves like a web page should behave.
Re: (Score:1, Offtopic)
Re: (Score:2)
So are you saying that your kind has nothing to do with the automated posts on blogs/forums/comment walls all linking back to the home site for page rank? Or the top 100 keywords in hidden style on pages?
Also, I don't spend that much time in front of the computer drunk, so if you are getting tons of spam it might be a follower of mine, or most likely just one of your "collegues".
Re: (Score:3)
Re:My hobby (Score:5, Funny)
Excuse me, but might I point out that SEO is not spam.
Thats what SEO salesperson would say.
Re: (Score:1)
The results of most SEO tactics are spam. Instead of filling up your mailbox you search for some term and instead you have to weed through the crap to get get the results you were really looking for. For Google they offer a way to move you to the top, you pay for an ad based on keywords. If the person searching is looking to buy something it's right there, easy to get to.
SEO "experts" charge customers to attempt to game the system, theoretically charging less than an ad would cost. Since the search prov
Re: (Score:1)
What's our trick? There is no trick. We have a short list of relevant keywords (and no irrelevant keywords) and a bunch of static pages that reference each other as appropriate.
SEO mostly isn't about tricks either, and you having those keywords and they referencing each other is SEO already.
And no, Wikipedia isn't always first. With many competitive keywords it can actually get quite far from first result. If you concentrated more on SEO, you would outrank it.
And contrary to popular belief here, SEO isn't about spammy hidden links (those actually get you ranking LOWER pretty fast), it's also putting your site out there. On social networks, on bookmarking sites (and sites like
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Some spam tactics are used by the less scrupulous SEO firms out there
And these guys are giving the other 0.0001% a bad reputation.
Go jerk off somewhere else; preferably using powdered glass as a lube.
Re: (Score:2)
Go jerk off somewhere else; preferably using powdered glass as a lube.
I would like to subscribe to your newsletter.
Re: (Score:1)
Excuse me, but might I point out that SEO is not spam. Some spam tactics are used by the less scrupulous SEO firms out there, but the two are very different beasts.
I, for one, direct my clients in proper selection and placement of keywords on their sites and assist them in optimizing their content so that it can be more easily browsed by their users. The end result of this process is typically a site that is accessible to search engines and end users alike, with reasonable rankings in relevant searches. No spam, no bullshit, no need for you to be an asshole. I'll be sure to forward all my v1agr4 spam to you from now on, now that I know where it's coming from.
What a joke. You want to optimize your search results?
1: Spend 5 minutes reading Google's page on the subject, and include the proper meta tags in your pages.
2: Make sure your robots.txt (if you have one) isn't blocking Google.
3: Have content worth searching for.
Absolutely any other tactic is a misrepresentation of content, and thus a form of spam.
SEO is whitehat - and a good thing! (Score:3)
A good web author knows how the search engine works with their site. Things like overuse of a keyword, not enough content or excessive boiler plate content will cause your site to rank low. While things like canonical urls, matching meta description with page content, lots of diverse keywords in narrative format and links pointing to pages that contain the link text in prominent locations all will help your position in a search engine.
I'm sure there are some SEO companies that sell people bullshit, but
Re: (Score:2)
That was informative. Sorry, I had a bit of prejudice against the whole business. Although I have to say I don't share your optimism about malicious tactics not working, as I see their signs in a lot of places.
By checking? (Score:3)
You could just do a zone transfer and check. If they don't allow that, find someone who does.
Re:By checking? (Score:4, Insightful)
How do you know if the records in the zone you transfer are the complete set of records in the live zone?
Re: (Score:2)
I guess they could hide some, sure. You convinced me, always run your own BIND instances.
Re: (Score:3)
Well, djbdns is dead, so what else is left of any worth?
Re:By checking? (Score:4, Informative)
Well, djbdns is dead, so what else is left of any worth?
I've been really happy with Unbound. Prior to that, I used MaraDNS until I found that Unbound was snappier from the perspective of my Web browser not having to wait as long for hostname resolution.
My own needs are rather modest. It is possible there is some killer feature you absolutely must have that neither of those supports. If not, I think you'd like them.
Re: (Score:2)
PowerDNS. It is awesome.
Facebook? Really? (Score:2)
Re: (Score:3)
Re: (Score:3)
Facebook's entire history is one of shady behind-the-user's-back shit.
Hey look, a StartCom Class 1 cert. (Score:2)
Your secure connection has been certified by someone who gives away free certificates! Security!
Re: (Score:2)
The folks who sell them, don't do anymore checking.
For evidence look at the recent news articles about it.
Re: (Score:2)
Just stop. It's a Slashdot comment, not a term paper, and edited accordingly.
You waste my time.
Re: (Score:2)
Just stop. It's a Slashdot comment, not a term paper, and edited accordingly.
You waste my time.
The message? "You should value your own independent, individual, personal thoughts and opinions that you share voluntarily much, much less than the things you are forced by authority to write in order to jump through some hoops to earn some credential."
Yeah, that's sane and you'd be a fool to question it. Nothing is worth any effort, it is never worthwhile to take an extra second to get it right, you should never show anything this kind of respect (particularly not yourself and your own works), and eve
Re: (Score:2)
Thank you for putting my thoughts into words.
They were worthy of expression. It seemed right for someone to articulate the difference between nit-picking and a genuine love of excellence.
Re: (Score:2)
The message? "You should value your own independent, individual, personal thoughts and opinions that you share voluntarily much, much less than the things you are forced by authority to write in order to jump through some hoops to earn some credential."
You miss the point. I understood the GP comment just fine despite the grammatical error. His nitpicking had me load a new page to see his (expectedly) topical response, but it was just nitpicking and added nothing to the conversation.
We'd be better off on
Re: (Score:2)
which is why I've changed the trust model in FF to Untrusted for ALL Certs until I provide an exception and it seems to work fine for me as I don't have that many secure websites I deal with that it's a problem.
Re: (Score:2)
What does it matter if it's free or not? They do the same "domain validation" that is common amongst paid CAs, and basically used for most everything except EV certs. At least StartCom puts their Class 1 certs under a specific intermediate root that you can choose to not trust if you wish, as opposed to how a lot of other CAs do it.
Should CAs do more thorough validation? No doubt. I'd like to see them do away with DV certs (or at least have browsers display different trust indicators). That said, validation
where's the rock and roll? (Score:1)
Re: (Score:2)
warning: tcsys.com is a late 90's website and may bring back feelings of nostalgia and/or confusion.
Re: (Score:2)
Maybe you should not outsource your DNS... (Score:4, Insightful)
Re: (Score:1)
I believe that DNS, along with other IT infrastructure (and accounting) is so crucial that it should never be outsourced.
Well, maybe. More importantly, many of us don't have sufficient bandwidth, power & reliable internet connections to host our own DNS servers.
By outsourcing, you are in fact giving away your keys to your webs/infrastructure/money. Of course that all kinds of bad stuff can happen then.
Maybe, but you also might hire professionals to do something that you aren't very good at so that you c
Re: (Score:3)
I don't understand why you'd want to outsource DNS. It's trivial to set up a DNS server, and I'd want to be able to remap servers on a whim in case any issues arose.
I set up a one-machine DNS on this box just so the VMWare image can be properly resolved by the host image. It took longer to download the latest bind software than it did to configure it.
Re: (Score:3)
Setting up BIND is easy.
Setting up several high-reliability, geographically-distributed, no-common-failure-modes sites is hard, and it's a prerequisite for DNS. If you mess up, pushing out new NS and glue records is slow. It takes a long time to recover, and your web site is down and your mail is bouncing the whole time.
Some large companies have multiple reliable sites and it's not a burden to host their own. Most mid-to-small guys are better off using at least an outsourced secondary DNS service. Tiny
Re: (Score:2)
I don't understand why you'd want to outsource DNS. ...
I work for a small sized school in Hurricane alley. We are considering outsourcing our DNS to keep basic services (DNS and a static web page) up in the event of a localized disaster. Example, a hurricane comes through causing an extended power outage on our main site (which includes our small datacenter). Someone could remotely update the DNS to point www to a remotely managed static web page that includes updates to the status of various locations. We may do this ourselves through an agreement with anot
Should be much higher than 50 orgs. (Score:2)
There are two issues here (cracked corporate DNS box, or hacked login creds) and it seems like #1 should be way higher than 50 organizations.
At any rate, registering a business name under a crap domain has always been going on. It gives spammers something to put in an email that looks legit enough for people to click.
Maybe the domain owners are involved? (Score:2)
The article doesn't say whether this guy followed up and contacted the domain owners about it. Who is to say that these organisations aren't simply being paid for use of their domain name in this manner? I know I know. Its unlikely, but there are all things like this happening.
What I want to know is, are the DNS hosting providers in on it? Are they modifying their software so that the customer doesn't see information. That would be where the real badness is and should be publicized. It also wouldn't be t
Re: (Score:2)
Zone transfers? (Score:3, Informative)
The referenced site had many examples, such as buy-viagra.4kidsnus.com
having been added as an extra host (subdomain! There is even a
www.buy-viagra.4kidsnus.com!) to 4kidsnus.com.
Now how did that get added to 4kidsnus.com?
Someone suggested checking a zone transfer. That seems not to work
here at the dnsexit.com supplied nameservers.
I do NOT see any buy-viagra.4kidsnus.com in a zone transfer for 4kidsnus.com. I DO see a separate zone transfer to the domain buy-viagra.4kidsnus.com itself.
Usually public zone transfers don't work, but they happen to
be supported for 4kidsnus.com.
4kidsnus.com. SOA ns2.dnsexit.com
(from dns2.dnsexit.com)
Hmmm ... slashdot claims this hits their 'lameness' filters ... like spaces and digits?
due to so many 'junk; characters
Well ... apparently they are not going to accept it with ... try a 'dig @ns2.dnsexit.com. 4kidsnus.com.' Here is a truncated version of what I found.
any useful data so
One finds the SOA (nameserver at ns2.dnsexit.com),
NS records (dns{1,2,3,4}@dnsexit.com), a few MX records
(at google) a wild carded CNAME (*.4kidsnus.com are all
aliased to the CNAME 4kidsnus.com) and address for
4kidsnus.com (50.73.38.13) and one host with its own,
separate A record, pbx.4kidsnus.com at 74.189.21.58.
I don't see buy-viagra.4kidsnus.com at all.
However one can get a separate zone transfer for that
domain (with a host at www.buy-viagra.4kidsnus.com):
dig @ns2.dnsexit.com buy-viagra.4kidsnus.com. axfr
buy-viagra.4kidsnus.com. SOA ns2.dnsexit.com. admin.netdorm.com. ;; SERVER: ns2.dnsexit.com
buy-viagra.4kidsnus.com. NS ns1.dnsexit.com.
buy-viagra.4kidsnus.com. NS ns2.dnsexit.com.
buy-viagra.4kidsnus.com. NS ns3.dnsexit.com.
buy-viagra.4kidsnus.com. NS ns4.dnsexit.com.
buy-viagra.4kidsnus.com. A 67.55.117.204
www.buy-viagra.4kidsnus.com. CNAME buy-viagra.4kidsnus.com.
buy-viagra.4kidsnus.com. 28800 IN SOA ns2.dnsexit.com. admin.netdorm.com.
Re: (Score:1)
Maybe it is a seperate domain name. (Score:1)
Maybe someone signed up to host DNS for their domain "buy-viagra.4kudsnus.com" with them, and their systems aren't smart enough to realize that that sort of thing shouldn't be allowed. For example, they'd have to allow three-part domain names for whatever.co.uk and similar, yet they shouldn't allow that for .com domains. Maybe they're mistakenly allowing it, and people are taking advantage of that. Normally you couldn't do that since the root DNS servers wouldn't point to your own DNS server, but the roo
Re: (Score:1)
Without reading the article, I'd guess that's EXACTLY what is happening.
Somebody has added their OWN "sub" domain as a totally separate zone, to the same DN server that the "main" domain is on, so when somebody looks up buy-viagra.4kid... it hits up the DNS for 4kids.... but the server pulls out the buy-viagra.4kids... zone, even though there is no mention of buy-viagra in the official 4kids zone.
Look for any shared web hosting server, find a domain that has DNS served from that server that you want to hook
Re: (Score:1)
THIS.
Came here to explain this. Thank you. WTH are the editors allowing some jerk to post "how are you supposed to ever find out about this?".
This site looks less like /. every day.
Re: (Score:1)
This is a provider issue. (Score:1)
..!arpa!jamie: ~ % dig veryImprobableHostname-becauseIJustMadeItUp.4kidsnus.com a
;; QUESTION SECTION:
;veryImprobableHostname-becauseIJustMadeItUp.4kidsnus.com. IN A
;; ANSWER SECTION:
veryImprobableHostname-becauseIJustMadeItUp.4kidsnus.com. 0 IN CNAME 4kidsnus.com.
4kidsnus.com. 82 IN A 50.73.38.13
;