bitsquawkSubmitted by Inverted1 on September 18, 2011 - 2:12pm |
I found Artem Dinaburgh's talk at Blackhat 2011 one of the most interesting presentations at the conference. In short, he talked about why and how often bit errors occur in hardware (more frequently that most would think). If they affect a DNS entry, your system can end up at an unintended site.
Artem registered several 'bitsquatting' domains and received over 52,000 hits over six months, proving that the theory is valid. To mitigate, he suggests registering the bitsquat domains for high traffic sites. For others who have numerous and/or lenghty URLs, registering all of them can become cost prohibitive. The bitsquat URLs for my employer total over 21,000 for example.
I got curious about this and decided to write a Python program to examine a URL list for potential bitsquatting sites.
Check it out at: http://code.google.com/p/bitsquawk/
- Login to post comments