Hijacking Domain Names

ITWorld.COM reported on China hijacking Google’s domain name and rerouting it to the site of their choice. I found this fascinating on several different levels.

First of all, there’s no way to stop this, short of every user adding “www.google.com” to their host table (so those more technically savvy will probably do that). “Hijacking”, an overly strong word, is a commonly used approach for managing address-translated networks. By having a server on a local network declare itself the start of authority for a domain, any machine on that network that uses that name server will get the IP addresses that server hands out, whether or not the name server really is the authority. For example, most of my computers run on a 10.x.x.x network, a private, unroutable network. I run two DNS servers — an internal one with k2.com serving up internal IP addresses and then an external one — the one that you use to get to my web site. This way none of my computers gets confused about which systems are which.
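As an added example (not part of the original post), the sketch below compares the answers a client gets from its configured name server with an independent reference answer, and shows a hosts-table entry taking precedence over the resolver. The `LOCAL_RESOLVER` and `REFERENCE` tables and every address in them are constructed sample data, and the verdict names are hypothetical labels.

```python
import ipaddress

# RFC 1918 private ranges, checked explicitly (the 10.x.x.x network above is one).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def resolve(name, hosts, resolver):
    """Hosts-table entries win over whatever the configured name server says."""
    if name in hosts:
        return list(hosts[name])
    return list(resolver.get(name, []))

def classify(seen, reference):
    """Compare the answer a client sees with an independent reference answer."""
    seen, reference = set(seen), set(reference)
    if not seen:
        return "no-answer"
    if seen & reference:
        return "consistent"
    if all(is_rfc1918(a) for a in seen):
        return "split-horizon"  # internal view, expected behind address translation
    # Public but different: possibly a redirect, possibly CDN or geographic
    # variation, so this is a prompt to investigate rather than proof.
    return "diverged"

def audit(names, hosts, local, reference):
    return {n: classify(resolve(n, hosts, local), reference.get(n, []))
            for n in names}

# Constructed sample data (documentation address ranges, not real DNS records).
LOCAL_RESOLVER = {"k2.com": ["10.0.0.5"],
                  "www.google.com": ["203.0.113.80"],
                  "example.org": ["198.51.100.7"]}
REFERENCE = {"k2.com": ["192.0.2.10"],
             "www.google.com": ["198.51.100.20"],
             "example.org": ["198.51.100.7", "198.51.100.8"]}
NAMES = ["k2.com", "www.google.com", "example.org"]

if __name__ == "__main__":
    # First with an empty hosts table, then with www.google.com pinned.
    for hosts in ({}, {"www.google.com": ["198.51.100.20"]}):
        print(hosts, audit(NAMES, hosts, LOCAL_RESOLVER, REFERENCE))
```

A pinned hosts entry only helps while the pinned address stays correct, so it has to be maintained by hand when the real record changes.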

A second observation is the idea of how “lawless” the Internet naming system really is. Just think — you pay your money to buy a domain name, but any ISP could redirect it at will. So imagine if some ISP decided that MICROSOFT.COM really needed to point to, oh say, AOL.COM. How much would someone be willing to pay to do that? Is there anything that really stops an ISP from doing that?

Obviously in the US, where there are many ISPs, making a change like that would be hard. But a backbone provider could easily make a change and alter how the downstream ISPs (and their users) see the Internet. Don’t be surprised if this becomes a more prevalent tactic. I could easily see this as the next huge boom in marketing. This could be the business model the ISPs are looking for — you pay your $50k and direct the domain name of your choice to the IP address of your choice.

Well That Was Weird

For those that happened to visit here and note that it was off-line for the last couple of days, I offer my apologies. I’m not in the habit of connecting to my web site every day and consequently didn’t notice that it was down until I went to make a post today. If anyone notices that it’s down, feel free to email me and let me know. Obviously this is not a mission-critical web site, so my monitoring of it is sporadic at best.

I run this site on a Linux box, which tends to be highly reliable. Except for the last couple of days, of course :-).