[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tor-talk] DNS hijacking
For months now one of my domains keeps getting redirected sometimes when
accessed through Tor. Even non-existing subdomains.
Instead of landing on my page, one will get to a site looking exactly like
parkingcrew.net, complete with ads and trackers, but located at a
different IP in the US and showing the domain tried to access instead of
"parkingcrew.net". I played around a bit and found out that it will accept
any valid-looking domain supplied in the Host header, even if the domain
doesn't actually exist.
It will only happen when using Tor. I did a "normal" DNS dig and a
tor-resolve simultaneously - the first pointing to the real IP, the latter
pointing to said server.
Someone out there is manipulating DNS resolves done through Tor.
tor-talk mailing list - email@example.com
To unsubscribe or change other settings go to