Protect your Privacy Website owners!

Posted by on November 22, 2005

Alright people. There are bad guys in the world who, if they take offense at something you put on your website, might just try to track you down. Many people sign up with their web host provider and allow that provider to register a domain name. Usually it’s wrapped into the deal and people just jump on it. The webhost, through absolutely no fault of their own, uses the account information the new client gave them. This information typically includes their name, billing address, and phone number. That information gets added into the Domain Name System or DNS.

DNS is what makes the world wide web so easy to use. It takes an easily recognized domain name like “www.yahoo.com” and ultimately turns it into an IP address like “216.109.117.108”, which is the webserver that actually holds the information you see when you visit that domain name. Each DNS entry has 2 basic contacts: an Administrative and a Technical contact. The webhost who registers your domain name for you will enter your information in the Administrative contact.

“Ok, so what’s the problem?” you ask. Well, here’s the deal: if you go to one of the many “whois” services out there you can query these DNS records and see this information. Let’s say I have decided that I want to do harm to the owner of the blog at C-J-DES.ORG.

A note before we go further. All domain names presented do not exist and the information is completely made up.

So…I go to someplace like GoDaddy’s Whois page and enter the domain name, and after their security measures I see:

Registrant:
C-J Des

1619 Strader Dr
Lexington, Kentucky 40505
United States

Registered through: GoDaddy.com (http://www.godaddy.com)
Domain Name: C-J-DES.ORG
Created on: 31-Dec-02
Expires on: 31-Dec-05
Last Updated on: 31-Dec-03

Administrative Contact:
Jorge Gardner jorge@C-J-DES.ORG
C-J Des
1619 Strader Dr
Lexington, Kentucky 40505
United States

So now you have an address. Plug the address into Mapquest and you have the location along with driving directions.

Take a stroll over to Whitepages.com and do a reverse address lookup. Enter the address and after a little work I can get a phone number if the number is published…that is, if the phone number isn’t listed in the DNS record itself, and it often is.

Now the bad guy can give you a call to make sure you are home BEFORE burning your house down.

Scary ain’t it?

You can probably call your webhost, if you registered the domain through them, and have them change your Administrative and Registrant contact information to something like a PO Box for the address, no phone number, and using “Admin Team” for “name”.

If you registered the domain name yourself you will have to go through whatever hoops your registrar uses. GoDaddy has a really nice interface (albeit ad-cluttered) for making these changes. You get a username and password and you can do anything you want with your domain names.

I cannot recommend this strongly enough. When you have this information in the DNS you are exposing yourself unnecessarily. This advice doesn’t stop with individuals either. Businesses often have this information exposed in their DNS records. Imagine the social engineering prospects when the attacker knows the name of the network admin, which would probably be in the Technical Contact entry.

Hacker: Hello, I’m NetAdmin Joe (cleverly gathered from DNS) and I need to work on your machine remotely, can you give me your password?

Innocent Secretary: Uh…okay…

Don’t laugh at that…it happens. Where I work some of the staff has never met me. They have met my support staff but not me. ANYONE could call in claiming to be me and ask the staff for something. Of course I have taken steps to prevent that but it’s still a threat I consider.

So…bottom line is protect your privacy by cleaning up your DNS records folks. If you have questions drop me a comment and I’ll get in touch via email. I moderate some comments so don’t be upset if your comment doesn’t show up immediately.
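To check your own record against the advice above, here is an added example (not part of the original post): a small Python audit that reads a pasted whois record in the layout quoted earlier and flags street addresses, phone numbers and personal mailboxes in the contact blocks. The role-mailbox list and the street and phone patterns are assumptions; the sample is the post's made-up record.

```python
import re

# Section headers as they appear in the registrar output quoted in the post.
SECTIONS = {"Registrant", "Administrative Contact", "Technical Contact"}
# Assumed set of role mailboxes that do not name an individual.
ROLE_MAILBOXES = {"admin", "hostmaster", "webmaster", "postmaster", "domains"}
STREET = re.compile(r"^\d+\s+\w.*\b(St|Dr|Ave|Rd|Blvd|Ln|Way|Ct)\b\.?$", re.I)
PHONE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
EMAIL = re.compile(r"([\w.+-]+)@[\w.-]+")
METADATA = re.compile(r"^[\w ]+:\s")  # e.g. "Created on: ..." ends a contact block

def audit_whois(text):
    """Return (section, issue, line) for each contact line worth scrubbing."""
    findings, section = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.endswith(":") and line[:-1] in SECTIONS:
            section = line[:-1]
        elif METADATA.match(line):
            section = None
        elif section and line:
            email = EMAIL.search(line)
            if STREET.match(line):
                findings.append((section, "street address", line))
            if PHONE.search(line):
                findings.append((section, "phone number", line))
            if email and email.group(1).lower() not in ROLE_MAILBOXES:
                findings.append((section, "personal mailbox", line))
    return findings

# The fictional record from the post (the author states it is made up).
EXPOSED = """Registrant:
C-J Des
1619 Strader Dr
Lexington, Kentucky 40505
United States

Registered through: GoDaddy.com (http://www.godaddy.com)

Administrative Contact:
Jorge Gardner jorge@C-J-DES.ORG
C-J Des
1619 Strader Dr
Lexington, Kentucky 40505
United States
"""

if __name__ == "__main__":
    for section, issue, line in audit_whois(EXPOSED):
        print(f"{section}: {issue}: {line}")
```

A record that uses a PO Box, no phone number and a role mailbox such as admin@ comes back with no findings.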

Update: Thanks Mudville Gazette for the Open Post. 😉

Last modified on November 23, 2005

Categories: InfoSec, The Red Pill