I thought this is basic knowledge of everyone technically engaged in Internet stuff. But apparently, this isn't the case, despite its well-known and very readable documentation! [1] It says:
1) There are exactly 3 domains the IANA keeps free for that purpose:
example.com
example.net
example.org
2) In addition, all domains under the following 3 top level domains can be used freely for that purpose:
*.test
*.example
*.invalid
3) The domains under the following top level domain have some special meaning (should point to loopback IPs only):
*.localhost
Everything else is either registered, or might be registered by somebody in the future. Don't (mis)use those names unless you own them!
*.local is a great example of why not to use a domain that just 'sounds good' as an internal dns suffix, as it is used by bonjour/avahi[1]
I had to rename an entire corporate network once because the previous folks thought .local "looked good". It cause constant issues with clients that had bonjour or avahi running.
Where does email sent to wildcard@example.com go? If I accidentally sent sensitive information to wildcard@example.com would some evil person (potentially at the IANA) be able to retrieve it someday?
I looked, but I can't figure out the right Google juice - example.com is, for obvious reasons, a pretty common search result on the web! USENET would be better, but Google Groups seems to not index words with periods in the middle; "example.com" returns only "example com" results.
It was common advice back in the day to use "example.invalid" and NOT kill some poor guy's server at example.com; I don't think .invalid was explicitly reserved before then, but it was known not to be a ccTLD or gTLD.
the guy who owns test.com emailed me once because I wrote a paper on IIS vulnerabilities and had 'test.com' as example URL's. turns out a lot of people reading my paper would copy+paste the example exploits and own the test.com server (which just happen to be running IIS).
that server.com server was hilarious. it ended up becoming a mini-BBS with people posting funny messages, file names etc. to it. When I went to check it out to see what was going on, I ran a dir on the c drive, and there were almost 500 funny folder and file names there, with 'X WAS HERE' etc.
someone then put out a URL on IRC which would fire up a reverse shell. and that server.com server ended up running gaming servers, porn ftp sites, warez, the works. the guy emailed me around 2-3 months later asking for help to patch the box because it kept getting owned.
fun fact: I wrote a scanner in C back then that would check for these vulnerabilities. The scanner had two 0day vulnerabilities that weren't in this paper. one night at a friends house we were playing around with NXFR transfers from DNS servers (this is back when you could do them and before people figured out to lock this down). we started downloading lists of all the domain names from various TLD's. for eg we had .net, .org, .com etc. then we started downloading various countries, for eg. .at, .co,
we were talking to each other about what to do with them, and he said 'lets run one of these through your scanner'. so I made a quick change that would check the Server banner returned, and if it was IIS, it would then try these different exploits and run a command. we couldn't work out which command we wanted to run, so I had the idea of just creating a file called 'heh.txt' in C. I set it all up and ran it against all the Austrian domains. within a few seconds it was obvious that it was working too well - because it was churning through 5-10 hosts per second and a lot of them were 'SUCCESS'. I left it running, no idea when it finished, but when I picked it back up again the next day around 40% or servers (may have been more) were running IIS and of those, around 98% had our 'heh' command run successfully.
tl;dr hacked ~40% of all servers in austria. if you ever found a file called 'heh.txt' in the root of your C drive, that was me.
1) There are exactly 3 domains the IANA keeps free for that purpose:
2) In addition, all domains under the following 3 top level domains can be used freely for that purpose: 3) The domains under the following top level domain have some special meaning (should point to loopback IPs only): Everything else is either registered, or might be registered by somebody in the future. Don't (mis)use those names unless you own them!Unfortunately, this kind of criticism is not always welcome on HN. (for example, http://news.ycombinator.com/item?id=3129459 was scored -1)
[1] RFC 2606, http://tools.ietf.org/html/rfc2606