Thread: Spoof domain names
View Single Post
Old 07-02-2005, 15:36   #1
Mr_love_monkey
Inactive
 
Mr_love_monkey's Avatar
 
Join Date: Jun 2003
Location: London way
Age: 49
Services: Sarcasm
Posts: 8,376
Mr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny stars
Mr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny starsMr_love_monkey has a pair of shiny stars
Exclamation Spoof domain names
Apparently international domains (IDN) can be used to fool initial visual inspection:

Demonstration: (this site is nothing to do with me)
http://www.shmoo.com/idn/
Look very carefully at the first "a" in paypal in that demonstration.

In theory this can be blocked at least in Firefox by turning off international domain support (IDN) as a temporary workaround:
Quote:
Type about:config in your address bar
Then search for network.enableIDN
Click on it to set it to FALSE
IDN support should then be disabled
Mr_love_monkey is offline   Reply With Quote