Site Menu

Additional Info

Share

How would Microsoft keep hackers away with Corp.com

Microsoft closes the Windows for online mosquito with corp.com

Understand basic chronology:

To safeguard customers and systems from possible intrusion and hacking attempts, Microsoft recently picked up the domain name corp.com


The Brian Krebs security researcher publicized the information about the latest acquisition from Redmond based company. However, Microsoft kept the amount confidential. Along with all the security essentials and measures brought to the table by this deal, the entire acquisition scenario is also a bit interesting event altogether.If you are in domaining or domain trading business and knows how much lucrative this market is, then you will find this information quite intriguing.

Last February, the domain name in question was available for auction at a whopping starting price of $1.7 million by an individual who had owned it for 26 years! Wouldn’t it be simpler to define him as a visionary person of the decade!


Based in Wisconsin, the individual anticipated Microsoft would buy it because “hundreds of thousands of Windows PCs are continuously trying to share sensitive information and data with corp.com”, he said.


How would Microsoft keep hackers away with Corp.com
How would Microsoft keep hackers away with Corp.com
Image: 
https://krebsonsecurity.com/2020/02/dangerous-domain-corp-com-goes-up-for-sale/
What is the catch?

The problem was linked to the namespace collision and that collision was threatening the security loophole for a long-time.

According to ICANN (Internet Corporation for Assigned Names and Numbers), the name collision phenomenon take place “when an attempt to resolve a name used in a private namespace results in the resolution of a request sent to the public domain name system i.e. DNS”.This kind of situation erases the administrative boundaries between the private and public namespaces, as they overlap with each other and name resolution can create the grounds for unforeseen harmful results.

The earlier versions of Windows servers were prone to fall in this trap, as the default name suggestion for administrators while setting up Microsoft’s Active Directory (i.e. AD) directory service was “corp”. The problem is twofold here. On the one hand, Microsoft has linked the default suggestion to an actual address and on the other hand many companies have adopted this setting as it is without changing it to secure one.

Adequate to hone the appetite of intruders or hackers

“Certainly, this whole situation means an opportunity to anyone who controls corp.comas it gives him an ability to passively divert or catch the private communication of hundreds of thousands of personal computers which end up being removed from a corporate environment that uses this designation corpfor their Active Directory Domain”, said the security researcher on his blog KrebsOnSecurity.

Secure names and internal networks

... Microsoft has acquired the domain name corp.com to enhance the user security and closed the long awaited loophole.

To help protect systems, we encourage customers to adopt secure security practices when planning domain names and internal networks. We released a security advisory in June 2009 and a security update that helps to protect users from possible intrusion. As part of our ongoing commitment to customer safety, we have also acquired the corp.com domain name”, Microsoft said in a statement.

This initiative towards the security measurement can safeguard the companies that have constructed their IT infrastructures using the Active Directory Service on 
“corp or corp.com”. Regardless of everything, Brian Krebs still warns that: “Any company that has linked its internal Active Directory Network to a domain that it does not control is still exposed to a possible security nightmare”.
To Learn more, Google, under heads: domain names, system security, data security, cyber security, Microsoft Security, Windows Security

Bibliography: