In this post, I will show
you how domain names
are hacked. Hacking of a
domain name from it's
original user is known
as Domain name
hijacking. Let me explain
what is this.
Suppose i bought a
domain name. Now i
need a web host for
hosting my website.
Now how it works??
When we bought a
domain name, we also
get a control panel for
full control on this
domain name. From this
control panel we point
our domain to the web
server where our files
are actually host.
For ex- I have a domain
name abc.com and i
bought hosting at a
server webhost.com.
then for working of our
website we need to
setup our domain to
point to our web
hosting server
webhost.com.
Now how domain
hijacked??
For hijacking a domain
name, you need to get
access the domain
name control panel and
point out it to your
website server from
it's original server. In
above example,
suppose a person Y
wants to hack the
domain name abc.com.
He will try to get access
to the control panel of
the domain name
abc.com. After doing
this he will change it to
point ywebhosting.com
where Y has hosted his
website. Now we can
see thaty the original
website was on
webhost.com but now
it changes to
ywebhosting.com. All
visitors of abc.com will
see a different website
now.
How to get access to
the domain control
panel??
To hijack a domain
name it is necessary to
get access to the
domain name control
panel. For this we need
2 infornmations.
1. Domain name registrar
2. Administrative email
associated with this
domain
This is very easy to get
these information
about a domain name.
Use WHOIS service for
this. go to http://
whois.domaintools.com/
enter the target URL
and lookup. You will get
the whois record of the
domain name. NOw see
the record and find the
administrative email
address and registrant
service provider for this
domain name. Now you
have both informations
about this domain
name.
The administrative
email address of this
domain name is the key
to hijack this domain
name. Now hack this
email account. For
hacking email account
go and read email
account hacking of this
website section.
after gaining access to
this email id, search in
mail for emails from the
registrar emails. Surely
there will be an email
with user name and
password. If not then
go to the registrar
website and click on
forgot password link
and reset the password
of your choice. Now you
can login to the control
panel of the domain
name. Change the
settings of this domain
name.
Domain name is now
hijacked ......
How to protect your
domain name??
For protecting your
domain name, protect
your administrative
email address. Protect
your email account from
being hacked.
Another best way is
private domain name
registration. In this type
of registration, your
private information
such as administrative
address will be hidden
to public in whois
records. So the private
registration provides an
extra security and
protects your privacy.
Private domain
registration costs a bit
extra amount but is
really worth for it’s
advantages. Every
domain
registrar provides an
option to go for private
registration, so when
you purchase a new
domain make sure that
you select the private
registration option
please comment below
if this post is useful for
you..
:)
Sunday, 24 July 2011
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment