Line 50: |
Line 50: |
| *# Delete or de-register the domain. | | *# Delete or de-register the domain. |
| ===Access Control and Authorization=== | | ===Access Control and Authorization=== |
| + | * Bad actors can gain access to unauthorized services and/or data. In the case of a subdomain takeover, non-authorized users gain access to publish content under a DNS label that they have not been authorized to control. |
| ===Resource Impersonation=== | | ===Resource Impersonation=== |
| + | * A bad actor can impersonate a recursive resolver by intercepting traffic to it at the network layer after changing the user's configuration. |
| + | * When illegitimate server operators receive DNS queries for an authoritative nameserver, they can return incorrect response data, make it so only certain geographic areas see altered data, and populate a recursive cache with incorrect results.<ref>[https://community.icann.org/display/DSFI/DSFI+TSG+Final+Report?preview=/176623416/176623417/DSFI-TSG-Final-Report.pdf DSFI-TSG Final Report, pg. 15, ICANN Community]</ref> |
| + | * Using look-alike domains relies on similarities in domain names, such as [[gTLD|Domain suffix]] appending, [[Typosquatting]], or [[IDN|internationalized domain name]] homographs, or [[bitsquatting]] to lead users into interacting with a bogus website, generally to carry out a phishing attack. |
| ===Code and Protocol Vulnerabilities=== | | ===Code and Protocol Vulnerabilities=== |
| ===Infrastructure Choices=== | | ===Infrastructure Choices=== |
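Review bot: In the added look-alike-domain bullet under Resource Impersonation, the series reads "[[Typosquatting]], or [[IDN|internationalized domain name]] homographs, or [[bitsquatting]]", with two "or"s and mixed capitalization in the link text. Suggest a single series ending in "or [[bitsquatting]]" and consistent casing for the link labels. The recursive-resolver bullet says the impersonation happens "by intercepting traffic to it at the network layer after changing the user's configuration", which runs two conditions together; state whether the configuration change is what redirects the queries or whether network-layer interception is a separate path. Only the authoritative-nameserver bullet carries a <ref>; if the DSFI-TSG Final Report also supports the subdomain-takeover, recursive-resolver and look-alike bullets, reuse the reference on them, since they are otherwise added without a source.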