The Anatomy and Deception of a Malicious URL
In this article I promise deception and technological trickery, and I hope to impart a bit of knowledge and insight, all through what I hope will be an interesting read for you.
I was browsing through a long list of malicious URLs and I came across an interesting URL that caught my eye, hxxp://www.yahoo550.com/image/logo.jpg?queryid=77092. Your first question might be: what is a URL? Well, most of you know it by another name; simply put, it is a text string that represents a website and its path or components. URL stands for uniform resource locator. Your second question might be: why did it catch my eye? Well, let's take a closer look at the anatomy of a URL. Trust me, the really interesting parts are coming soon.
Take the website http://www.ca.com/. The "www" represents that the website is on the World Wide Web. This value is optional when putting it into your web browser. The "ca" section is what is referred to as the domain name. It often (but not always) indicates the name of something (e.g. McDonalds.com or Microsoft.com). It could also be something random, like 66123.net (which is actually registered). The ".com" portion is what is called the suffix. This usually represents the type of organization that is operating the network. For example, ".edu" is reserved for education entities, ".gov" for government sectors and ".org" for non-profit organizations. There are many others, but I think you get the point. Anything that trails the suffix (e.g. ".com", ".gov") is what is called the pathname or directory, and this pathname (with special characters) can lead to static documents (web pages) or dynamically available content, such as user-requested values passed to and from a database. More on that later. For instance, the URL http://www.ca.com/us/securityadvisor/ tells us that the domain belongs to CA, the "/us/" tells us that this webpage belongs to those customers who chose US-English for viewing the website, and finally /securityadvisor/ is the desired landing directory that the user navigated to. All of this makes up the full path or URL.
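The breakdown described above, applied to the defanged URL from the list and to the CA example. This is an added example, not code from the original article; the function names `refang` and `anatomy` are assumptions, and the suffix is taken to be the last host label only.

```python
from urllib.parse import urlsplit, parse_qs

def refang(url: str) -> str:
    """Undo common defanging (hxxp, [.]) so the URL can be parsed, never fetched."""
    url = url.strip().replace("[.]", ".")
    if url.lower().startswith("hxxp"):
        url = "http" + url[4:]
    return url

def anatomy(url: str) -> dict:
    """Split a URL into the parts the article names: www, domain, suffix, pathname."""
    parts = urlsplit(refang(url))
    host = (parts.hostname or "").lower()
    labels = host.split(".")
    # Assumption: the suffix is the last label only. Multi-label suffixes
    # such as "co.uk" need the Public Suffix List to split correctly.
    suffix = "." + labels[-1] if len(labels) > 1 else ""
    domain = labels[-2] if len(labels) > 1 else host
    prefix = ".".join(labels[:-2])            # "www" or any other leading labels
    path = parts.path or "/"
    filename = path.rsplit("/", 1)[-1]        # empty when the path ends in "/"
    extension = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return {
        "scheme": parts.scheme,
        "prefix": prefix,
        "domain": domain,
        "suffix": suffix,
        "directories": [p for p in path.split("/")[:-1] if p],
        "filename": filename,
        "extension": extension,
        "query": parse_qs(parts.query, keep_blank_values=True),
    }

if __name__ == "__main__":
    samples = [
        "hxxp://www.yahoo550.com/image/logo.jpg?queryid=77092",  # from the article
        "http://www.ca.com/us/securityadvisor/",                 # from the article
    ]
    for sample in samples:
        print(sample)
        for key, value in anatomy(sample).items():
            print(f"  {key:12} {value!r}")
```
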