Domain name Homograph attack

Came across this via Security.nl

http://www.cs.technion.ac.il/~gabr/papers/homograph.html

Excerpt:

This page presents an example of The Homograph Attack described by Evgeniy Gabrilovich and Alex Gontmakher. (See "The Homograph Attack", Communications of the ACM, 45(2):128, February 2002. Click here for the full-length paper in PDF, or here for the HTML archive of the CACM Inside Risks column at SRI).

To prove the feasibility of this kind of attack, we legally registered (at Register.com) a homographic variant of the domain name "Microsoft.com" which incorporates Russian language characters.

Here is the forged name http://www.mi?r?s?ft.com and here is the real thing http://www.microsoft.com.
Can you tell the difference ?

Here is another example and the accompanying IDN advisory.


The most logical application of this would be in fishing attempts I suppose, and of course any web-code attack.

posted on Thursday, February 10, 2005 6:23 PM
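
A defender-side check for the forged name in the excerpt, as an added example that is not part of the original post or of the paper: it flags hostname labels that mix scripts and shows the ASCII (xn--) form that is actually looked up in DNS. The sample hostnames are constructed, and classifying a character's script by the first word of its Unicode name is a simplifying assumption.

```python
import unicodedata


def scripts_in_label(label):
    """Return the set of scripts used by the letters of one DNS label.

    Assumption: the first word of the Unicode character name
    (LATIN, CYRILLIC, GREEK, ...) is a good enough script tag here.
    """
    scripts = set()
    for ch in label:
        if ch.isdigit() or ch == "-":
            continue  # digits and hyphens are shared by all scripts
        scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def inspect_hostname(hostname):
    """Return (label, ascii_form, scripts, mixed) for every label."""
    report = []
    for label in hostname.lower().split("."):
        scripts = scripts_in_label(label)
        try:
            # Python's built-in codec implements IDNA 2003 ToASCII.
            ascii_form = label.encode("idna").decode("ascii")
        except UnicodeError:
            ascii_form = None  # label cannot be encoded for DNS
        report.append((label, ascii_form, scripts, len(scripts) > 1))
    return report


def is_suspicious(hostname):
    """True if any single label mixes two or more scripts."""
    return any(mixed for _, _, _, mixed in inspect_hostname(hostname))


# Constructed samples: U+0441 and U+043E are the Cyrillic look-alikes
# of Latin "c" and "o"; the second name is plain ASCII.
FORGED = "www.mi\u0441r\u043es\u043eft.com"
REAL = "www.microsoft.com"

if __name__ == "__main__":
    for host in (FORGED, REAL):
        print(host, "-> suspicious" if is_suspicious(host) else "-> ok")
        for label, ascii_form, scripts, mixed in inspect_hostname(host):
            print("   ", ascii_form, sorted(scripts), "MIXED" if mixed else "")
```

A label written entirely in one non-Latin script passes the mixed-script test, so the xn-- form in the report is the part to show users or log for review in that case.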

Feedback

# re: Domain name Homograph attack

left by Dave at 2/10/2005 5:45 PM
Robert, I'm not getting any name resolution for www.cs.technion.ac.il. Can you help out? I would love to read this paper.

# re: Domain name Homograph attack

left by Reaper at 2/11/2005 11:50 AM
That would be Phishing..
http://www.webopedia.com/TERM/p/phishing.html
unless you're actually going for Bass ;-)

# re: Domain name Homograph attack

left by yenbads at 6/2/2006 10:23 AM
it's good