Highest Voted 'domain' Questions - IT Security Stack Exchange

1

vote

0 answers

How the information from different resources are used in calculating the reputation score of a domain name in whoisxml (domain reputation API)?

I'm trying to obtain the reputation score of a domain name from whoisxml. There are some resources listed in their website such as the website content and it relation to other domains, and host configuration or Reverse IP lookup that the score is…

malware domain

asked Apr 28 '20 at 16:07

Haleh

11
1

1

vote

1 answer

No MX Records on a Possible Phishing domain?

I saw on my SMTP logs that it queried a possible phishing domain, I look up on its MX records and it didn't have one. Does the domain need an MX record before sending phishing emails?

dns phishing smtp domain

asked Dec 12 '19 at 13:52

The Guest

11
1

1

vote

1 answer

Would my IP be recorded when I visit a website

Could the website owner (admin) determine whether to record users IP? If the website owner (admin) doesn’t want to record users IP, will the host provider or domain name provider still get and record users IP? For example I buy a domain name (say,…

ip anonymity websites web-hosting domain

asked Nov 15 '19 at 02:19

gudako

133
7

1

vote

0 answers

How to enforce E-mail Account Security with regards to Custom Domains & 2FA?

Lately I've been bothered by the fact that should one of my e-mail accounts be in some way compromised despite its long and randomized password phrase. I'd have hell to pay since it is effectively a gateway into a large portion of any other accounts…

multi-factor gmail domain

asked Dec 14 '18 at 04:53

hurtcomplex

21
1

1

vote

1 answer

How to secure a domain name from insider threats, domain hijacking in a corperate context?

Usually there's just one e-mail / e-mail password / domain registrar username / password. And perhaps one 2FA (google authenticator) device and a 2FA recovery code. Either an employee has access to these credentials or not. Each employee has access…

dns domain insider-threats

asked Oct 11 '18 at 19:16

adrelanos

680
7
21

1

vote

0 answers

Finding phishing sites to certain domain

My work currently involve finding phishing site to a certain domain/ company. I was wondering if there are some tools/ Online services that I can use to find phishing sites. I would like to know; Searching for registered domains based on…

phishing kali-linux dns-domain domain

asked Jul 24 '18 at 09:24

Youbecks003

175
8

1

vote

1 answer

Can the subdomains have different certificates from the main domain if I use HSTS includeSubDomains and preload?

I have a main domain where I serve my website, and then I have subdomains that I use to deploy other projects which may be temporary. Having set up a deployment system with docker and letsencrypt, each project automatically has their own…

tls certificates hsts domain sub-domain

asked Oct 29 '17 at 15:39

progress44

13
2

1

vote

2 answers

How do you prevent a computer in a network from accessing RDP?

So you're on a domain. I know that Remote Desktop needs an authorized user's credentials (e.g admin) to log in with a remote computer. But can you also place a condition that you need to be using a certain computer(s) in the domain to log into it?…

remote-desktop domain

asked Aug 18 '17 at 14:02

Newlo Newly

145
1
1
6

1

vote

1 answer

My company is considering collapsing from multiple independent domains to one trust network

Currently, we have a number of domains for various purposes like back office, production, DMZ, partners, etc. There has been a change in management thinking to simplification. They want all the resources to fall under one trust. I'm responsible for…

architecture domain sub-domain

asked Jul 27 '17 at 16:22

oBreak

470
3
5

1

vote

0 answers

DGA scheme on local network

Reviewing DNS logs within my company I've found a lot of weird DNS requests from a machine involving what it seems a DGA scheme as shown below (real IP has been obfuscated): 04/07/2017 13:36:47 12C8 PACKET 0000000005492E80 UDP Rcv x.x.x.x 615f Q…

dns dns-domain windows-server domain

asked Jul 12 '17 at 07:30

jvdav

11
2

1

vote

1 answer

Spam mail "is missing domain"

I just recieved a spam mail. They asked me to "confirm my amazon account / identity". The button links to a subdomain of ad-new.xyz (not sure if I am allowed to post this. Please remove the link if not allowed). Nothing special, it was not that hard…

email spam domain

asked Apr 27 '17 at 16:41

jdstaerk

111
3

1

vote

1 answer

how to investigate diff between theguardian.com and tehguardian.com

One website is the....com the other is teh....com. They display the same content. The whois data is radically different. Ping reports different IPs. TheGuardian.com hasn't responded to my request for clarification. How can I investigate the…

ip domain

asked Apr 21 '17 at 22:10

user567324

19
1

1

vote

1 answer

What is the effect on a domain when the secondary name server is compromised?

I've heard of a case wherein the domain name of the secondary name server was expired and free to register. Let's say example.com has two registered nameservers: example-ns1.com (primary) example-ns2.com (secondary) The domain example-ns2.com is…

dns internet dnssec dns-domain domain

asked Mar 16 '17 at 21:01

Bob Ortiz

6,234
8
43
90

1

vote

2 answers

Spoofing domain registration date info

Is it possible to spoof or change backwards Domain Registration Date that can be looked up in online whois tools and databases?

domain registration whois

asked Feb 16 '17 at 13:03

deevee

353
1
3
10

1

vote

1 answer

Is there any point in activating domain privacy after the fact?

If I have a domain name that does not have privacy protection enabled, is there any point in enabling it now? Or is it useless once the information is out there? I'm asking this because I'm aware that there are services providing DNS history.

privacy dns dns-domain domain

asked Feb 13 '17 at 23:20

bfl

113
2

Questions tagged [domain]