What Did You Click On?

Well-behaved browsers hand a cookie back only to the host that set it (or, when the cookie names a parent domain such as tripod.com, to that domain and its subdomains); a page on one domain cannot read another domain's cookies. What then is a domain? For the url http://spanishflashcards.tripod.com/ the domain is tripod.com, and spanishflashcards is a subdomain (a sub-section) that tripod.com hands out to one of its users. The part of the name that identifies the owner is the rightmost part, just before the top-level domain (.com, .org, .gov), and everything to the left of it is controlled by that owner. This can be confusing. Both msn.com and hotmail.com are domains owned by Microsoft. Other popular domains are yahoo.com, google.com, facebook.com, twitter.com, and myspace.com.

Remember the rule you learned with spanishflashcards.tripod.com. Since translate is a subsection of google.com, the url is translate.google.com, not google.translate.com. In the second case the owner is translate.com, and you would be sent to whoever controls that domain, not to Google. Likewise whitehouse.com used to be a domain that traded on confusion with whitehouse.gov; today some traffic to that domain is redirected to whitehouse.gov. Similarly, unicode.org is the domain where you can find out about the Unicode encoding of different characters, whereas traffic for unicode.com is redirected to an unrelated domain.

When clicking on a url, make sure it is the domain you want: check the link target (hover over the link and read the address the browser shows) before you click, and after the page loads make sure the address bar shows the same domain you expected, since a link can redirect you somewhere else. Be especially careful clicking on ads. Some malicious advertisers upload an ad that links to a normal-looking domain on a weekday and then, on a weekend, swap in an ad whose url looks like that of a popular domain but redirects the user's traffic somewhere else (on the weekend no one may be checking ads). The bad ads eventually get caught, but they generally run long enough to do whatever they were meant to do.
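As an added example (not part of the original article), the following JavaScript applies the rules from the paragraphs above: it extracts the domain that owns a hostname, checks whether a cookie's Domain attribute would be accepted by a page on a given host, and flags a link whose visible text names one domain while its href goes to another. It uses the standard URL API available in browsers and Node.js. The small public-suffix table is a constructed excerpt assumed for this example; real browsers use the full list from publicsuffix.org.

```javascript
// Added example, not code from the original article.
// Uses the WHATWG URL API (built into Node.js and browsers).

// Constructed excerpt of the public suffix list (assumption for this
// example only). Browsers use the full list so that "co.uk" is treated
// like ".com": a suffix, not a domain anyone can own.
const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "gov", "uk", "co.uk", "ac.uk"]);

// The domain that owns a hostname: the public suffix plus one label to its
// left. "spanishflashcards.tripod.com" -> "tripod.com",
// "www.google.translate.com" -> "translate.com". Returns null when the
// hostname is itself just a suffix such as "com".
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  // Scanning from the left finds the longest suffix that matches the tail.
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    if (PUBLIC_SUFFIXES.has(candidate)) {
      if (i === 0) return null;
      return labels.slice(i - 1).join(".");
    }
  }
  // Suffix not in our table: fall back to the last two labels.
  return labels.slice(-2).join(".");
}

// Cookie domain rule: a page on `hostname` may set a cookie for its own
// host or for a parent domain it belongs to, never for a sibling, a child,
// or a bare public suffix (no cookie may apply to all of ".com").
function cookieDomainAllowed(hostname, cookieDomain) {
  const host = hostname.toLowerCase();
  const dom = cookieDomain.toLowerCase().replace(/^\./, "");
  if (PUBLIC_SUFFIXES.has(dom)) return false;
  return host === dom || host.endsWith("." + dom);
}

// Compare the domain a link appears to go to (its visible text) with the
// domain its href actually goes to. Visible text that is not a url, such
// as "Click here", cannot mismatch; a url-looking label that names a
// different owner than the href is the case the article warns about.
function linkVerdict(visibleText, href) {
  const actual = registrableDomain(new URL(href).hostname);
  let shown = null;
  try {
    const asUrl = visibleText.includes("://") ? visibleText : "http://" + visibleText;
    shown = registrableDomain(new URL(asUrl).hostname);
  } catch (e) {
    return { actual, shown: null, mismatch: false };
  }
  return { actual, shown, mismatch: shown !== actual };
}

// Walk through the article's own examples.
for (const h of ["spanishflashcards.tripod.com", "translate.google.com", "www.google.translate.com"]) {
  console.log(h, "is owned by", registrableDomain(h));
}
console.log("tripod.com may set a cookie on spanishflashcards.tripod.com:",
  cookieDomainAllowed("spanishflashcards.tripod.com", "tripod.com"));
console.log("link shown as whitehouse.gov but going to whitehouse.com:",
  linkVerdict("whitehouse.gov", "http://whitehouse.com/"));
```

Running this prints tripod.com, google.com and translate.com as the owners of the three hostnames, confirms that a page on spanishflashcards.tripod.com may carry a tripod.com cookie, and reports the whitehouse.gov/whitehouse.com link as a mismatch. The same check applied to an ad's visible url and its real target is what catches the weekend swap described above.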

To learn the basics of cookie handling, see http://internet-security.suite101.com/article.cfm/your-computer-cookie-jar--the-low-down-part-one.

For more, see http://internet-security.suite101.com/article.cfm/your-computer-cookie-jar--the-low-down-part-two.

Or check out: diaryofadrivebyattack.txt.