Disclosures from Domain Name registration

Posted on March 19, 2011 by dgs

Disclosures from Domain Name registration
by
David Schlecht

When registering a domain name, a company or individual can disclose a lot of information. When doing a WHOIS lookup, an attacker can see a lot of information about the company and people registering the domain.

As an example, let’s see what we can find about the topic of “pet fish”. A quick google search shows the following domains:

  • www.aquariumfish.net
  • www.thatpetplace.com
  • www.petfish.net

By checking on the first domain name, I find the IP address, the company that hosts the IP address (godaddy.com), the physical location of the server (Huston, Tx).

Though I don’t recommend using Godaddy.com, this isĀ  a rather safe domain registration.

Looking at the second example, we see that this is registered through network solutions and uses Gary Henery, gbo*@systemax.com Harbor Drive, Port Washington, NY as a contact person.

And, finally, the last example shows the domain registered through godaday, hosted at hostmonster.com and is registered by Clint Norwood fron Scarlet Oaks. You can also find articles by him at the site.

In each of these examples, there are varying amounts of information available to the hacker. Social engineering is an important approach to hacking and knowing names of companies and people allows an impersonator to pull off a pretty convincing part.

For help in finding the amount of personal disclosure from Domain Name registration and your risk from disclosure, as well as other Internet Security services, contact Access Technologies.

This entry was posted in Internet Security, Web Technology. Bookmark the permalink.

One Response to Disclosures from Domain Name registration

  1. Pingback: Internet Security Network Security and Computer Security | DGS Consulting