In fact, one of C|NET’s (the company that currently runs com.com) network admins was listed as the 10th most dangerous and least likely person on the Internet during my presentation at OWASP. Why? Because of typo traffic. A friend of mine used to run csuchico.com instead of csuchico.edu and used to get tons of sensitive information about the local college, including building plans, love letters, medical information, bills, and on and on… And that was just one .edu domain. Now imagine the typo traffic for all of .com!I remember when I was with a small company, we had not only our .com address, but we also got the .net, .org, .edu, and every other "dot" domain we could. Why? For the same reason as CSU Chico should have: people make typos and send all kinds of stuff to the wrong domain. And that's just the innocent mistakes. You certainly don't want a bad guy spoofing your site using the same name but different domain.
Moral of the story. I'm sure most of you have already done this, but if you haven't go out and spend a few bucks and get all the domains for your school's name and not just the .edu. It won't cost much and it may help you sleep better. And if you find someone is already camping on the domain, well I guess maybe that tells you something, too...and you should not like it.
No comments:
Post a Comment