Research Article
Surveying DNS Wildcard Usage among the Good, the Bad, and the Ugly
@INPROCEEDINGS{10.1007/978-3-642-16161-2_26, author={Andrew Kalafut and Minaxi Gupta and Pairoj Rattadilok and Pragneshkumar Patel}, title={Surveying DNS Wildcard Usage among the Good, the Bad, and the Ugly}, proceedings={Security and Privacy in Communication Networks. 6th Iternational ICST Conference, SecureComm 2010, Singapore, September 7-9, 2010. Proceedings}, proceedings_a={SECURECOMM}, year={2012}, month={5}, keywords={DNS Wildcard Security}, doi={10.1007/978-3-642-16161-2_26} }- Andrew Kalafut
Minaxi Gupta
Pairoj Rattadilok
Pragneshkumar Patel
Year: 2012
Surveying DNS Wildcard Usage among the Good, the Bad, and the Ugly
SECURECOMM
Springer
DOI: 10.1007/978-3-642-16161-2_26
Abstract
A DNS wildcard can be used to point arbitrary requests for host names within a domain to a specific host name or IP address. Wildcards offer administrators the convenience of not having to change DNS entries when host names change. However, we are not aware of any work that documents how wildcards are used in practice. Such a study is particularly important now, because Internet miscreants are starting to exploit DNS wildcards for convenience and possibly for evading blacklists based on exact host names. In this paper, we study the prevalence and uses of wildcards among the good, bad, and ugly domains in the Internet. We find that wildcards are in extensive use among businesses that monetize unregistered domains, domains hosted by large web-hosting providers, blogging sites, and websites connected to scam, phishing, and malware.
