Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
Microsoft tool aims to stymie typosquatters
Published: 2006-04-11

Microsoft released a program on Friday to allow consumers to detect when a misspelled domain name sends them to an unwanted site and block referrals to pornographic sites.

The tool, called Strider URL Tracer with Typo Patrol, alerts users when a mistyped Web address redirects their browser to a known domain-parking site. Microsoft first generated all possible misspelled domains, scanned them using virtual machines developed under the software giant's Strider Project, and created a database based on the researchers' analysis of the data, Microsoft said in a paper on the technology. The researchers found that 40 percent to 70 percent of all active typo domains, accounting for 30 percent of all typos, were parked with six services.

"For the users' perspective, such typo traffic often startles them with (an) unpleasant 'hijacking' experience, followed by an annoying barrage of pop-up and pop-under advertisements," Yi-Min Wang, manager of Microsoft's Cybersecurity and Systems Management Research Group, stated in the paper. "Most seriously, many typo domains of children's Web sites have been observed to redirect to or link to adult Web sites, endangering Internet safety by potentially exposing minors to harmful material."

The tool extends research done by Wang and others at Microsoft into client-side honeypots, dubbed 'honeymonkeys' by the software giant, that can search the Internet for malicious Web sites. Start-up SiteAdvisor has used the technique to create a browser plug-in that can warn users of bad Web sites by referring to a backend database of Internet sites rated by such client-side honeypots.

The software giant was scheduled to release five patches for Windows systems on Tuesday, including a patch for a critical flaw in Internet Explorer that was being exploited publicly by malicious Web sites. At least 136,000 people have downloaded a third-party workaround distributed by eEye Digital Security to fix the issue, that company said on Tuesday.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus