• evidences@lemmy.world
    ↑ 101 · 2 days ago

    Orphaned domains like this are interesting, there was a DEF CON talk, I think, where the presenter bought a bunch of blacklisted orphaned domains just to see if anything would try and connect to them. They got hit with so many botnet clients trying to phone home.

    • MysteriousSophon21@lemmy.world
      ↑ 44 · 2 days ago

      Yeah those orphaned domains are a goldmine for security researchers, there was a similar talk at Black Hat where they showed how expired domains from major companies still received auth tokens and sensitive data for months after expiry.

    • Maestro@fedia.io
      ↑ 49 ↓ 1 · 2 days ago

      Orphaned IPs as well. If you have an IPv4 from your cloud provider and you want to retire it, you should thoroughly scrub your DNS and all other configs before doing so. Otherwise it’s trivial for someone else to spin up a machine on that IP address and abuse your domain.

      • dil@lemmy.zip
        ↑ 2 · 19 hours ago

        Basically, when you stop paying for hosting, also remove records from your domain, or it’ll link to the new person with your old hosting IP’s website and show that on your domain. I always forget when I swap hosting on my personal sites and haven’t updated the records, see some random dropshipping or local (not to me) business website on my domain lol
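
The pre-release check described in the last two comments, as an added example that is not part of the thread: it audits a zone export for A/AAAA records (and in-zone CNAMEs that lead to them) pointing at addresses no longer allocated to you. The zone contents, host names and address ranges are constructed, and the parser only handles simple one-line records.

```python
import ipaddress

# Constructed sample data: a zone export and the ranges still allocated to us.
ZONE = """\
; constructed example zone
example.org.      3600 IN A     203.0.113.10
www.example.org.  3600 IN CNAME example.org.
old.example.org.  300  IN A     198.51.100.77   ; retired VM, record never removed
api.example.org.       IN AAAA  2001:db8:0:1::5
shop.example.org. 300  IN CNAME old.example.org.
mail.example.org. 3600 IN MX    10 example.org.
"""
OWNED = ["203.0.113.0/28", "2001:db8:0:1::/64"]


def parse_zone(text):
    """Yield (name, rtype, value) for A, AAAA and CNAME records."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip trailing comments
        # Drop the optional TTL and class so the record type sits at index 1.
        while len(fields) > 1 and (fields[1].isdigit() or fields[1].upper() == "IN"):
            del fields[1]
        if len(fields) >= 3 and fields[1].upper() in ("A", "AAAA", "CNAME"):
            yield fields[0].lower(), fields[1].upper(), fields[2].lower()


def find_dangling(zone_text, owned):
    """Return sorted (name, address) pairs whose address is outside `owned`."""
    nets = [ipaddress.ip_network(n) for n in owned]
    addrs, cnames = {}, {}
    for name, rtype, value in parse_zone(zone_text):
        if rtype == "CNAME":
            cnames[name] = value
        else:
            addrs.setdefault(name, []).append(ipaddress.ip_address(value))
    findings = set()
    for name in set(addrs) | set(cnames):
        target, hops = name, 0
        while target in cnames and hops < 8:  # follow in-zone CNAMEs, bounded
            target, hops = cnames[target], hops + 1
        for ip in addrs.get(target, []):
            if not any(ip in net for net in nets):
                findings.add((name, str(ip)))
    return sorted(findings)


if __name__ == "__main__":
    for name, ip in find_dangling(ZONE, OWNED):
        print(f"remove or repoint before releasing: {name} -> {ip}")
```

Run it against the zone before handing an address back to the provider; any name it lists will serve whatever the next tenant of that IP hosts.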