Is bringing .local TLD a security risk?

336    Asked by Amitraj in Cyber Security , Asked on Mar 22, 2022

Now that the ICANN is allowing custom Top Level Domain names and often corporate IT workers like to use .local as the TLD for internal networks, if someone does buy the .local TLD what are some possible dangers a user could encounter?


The main example I can think of is spear-phishing attacks. If a company has computers like SuperSecureServer.local on their LAN and a malicious attacker makes TotallyARealCorporateServer.local would TotallyARealCorporateServer.local resolve to the attacker's IP? If it did, the attacker could send a bad link then could impersonate a real server and get domain login credentials.

Answered by Amit Sinha

That depends on the DNS configuration for the local networks. I would assume most companies have their own DNS servers which, aside from knowing where to ask for DNS records for other domains, also declare themselves as authoritative for the .local TLD. Assuming all clients are pointing at these DNS servers, owning the .local TLD wouldn't help an attacker one bit.


Your Answer

Interviews

Parent Categories