14,927
edits
Changes
Jump to navigation
Jump to search
Line 29:
Line 29: + + + + + + + + +
no edit summary
* the exploitation of implementation vulnerabilities, <ref>[https://www.verisign.com/en_US/company-information/dns-abuse/index.xhtml DNS Abuse, Verisign]</ref>
* the exploitation of implementation vulnerabilities, <ref>[https://www.verisign.com/en_US/company-information/dns-abuse/index.xhtml DNS Abuse, Verisign]</ref>
* [[Registrar Hopping]], aka TLD Hopping<ref>[https://annualreport2020.iwf.org.uk/trends/international/other/toplevel TLD Hopping, IWF 2020 Annual Report]</ref>
* [[Registrar Hopping]], aka TLD Hopping<ref>[https://annualreport2020.iwf.org.uk/trends/international/other/toplevel TLD Hopping, IWF 2020 Annual Report]</ref>
==Vectors==
The DSFI-TSG identified seven categories of attack vectors.<ref>[https://community.icann.org/display/DSFI/DSFI+TSG+Final+Report?preview=/176623416/176623417/DSFI-TSG-Final-Report.pdf DSFI-TSG Final Report, ICANN Community]</ref>
* Identity and Access Management: Attacks on and through credential systems result in the modification of registration data, which can lead to [[Domain Hijacking]], traffic interception, and [[social engineering attacks]].
* Access Control and Authorization Issues
* Resource Impersonation
* Code and Protocol Vulnerabilities * Infrastructure Choices
* DNS
* Denial of Service
==History==
==History==