Geeks With Blogs

News This is my old Sysadmin blog. April 2009 I moved all this content to http://thefluffyadmin.net/
Robert's Sysadmin Blog Unraveling the datacenter one fibre at a time

Came across this via Security.nl

http://www.cs.technion.ac.il/~gabr/papers/homograph.html

Excerpt:

This page presents an example of The Homograph Attack described by Evgeniy Gabrilovich and Alex Gontmakher. (See "The Homograph Attack", Communications of the ACM, 45(2):128, February 2002. Click here for the full-length paper in PDF, or here for the HTML archive of the CACM Inside Risks column at SRI).

To prove the feasibility of this kind of attack, we legally registered (at Register.com) a homographic variant of the domain name "Microsoft.com" which incorporates Russian language characters.

Here is the forged name http://www.mi?r?s?ft.com and here is the real thing http://www.microsoft.com.
Can you tell the difference ?

Here is another example and the accompanying IDN advisory.


The most logical application of this would be in fishing attempts I suppose, and of course any web-code attack.

Posted on Thursday, February 10, 2005 6:23 PM | Back to top


Comments on this post: Domain name Homograph attack

# re: Domain name Homograph attack
Requesting Gravatar...
Robert, I'm not getting any name resolution for www.cs.technion.ac.il. Can you help out? I would love to read this paper.
Left by Dave on Feb 10, 2005 5:45 PM

# re: Domain name Homograph attack
Requesting Gravatar...
That would be Phishing..
http://www.webopedia.com/TERM/p/phishing.html
unless youre actual going for Bass ;-)
Left by Reaper on Feb 11, 2005 11:50 AM

# re: Domain name Homograph attack
Requesting Gravatar...
its good
Left by yenbads on Jun 02, 2006 10:23 AM

Your comment:
 (will show your gravatar)


Copyright © Robert Kloosterhuis | Powered by: GeeksWithBlogs.net