Are they just an issue with wefwef or trying to use an exploit

  • tarjeezy
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    Yea I’ve got both .zip and .mov blocked on my pihole

    • Snipe_AT@lemmy.atay.dev
      link
      fedilink
      arrow-up
      1
      arrow-down
      18
      ·
      1 year ago

      sorry i’m missing it. why this specific TLD? can’t they just use any TLD for this and achieve the same thing? is there something special with .mov?

      • Thassar@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        It’s because it can cause confusion. The only difference between example.com/file.zip and example.com.file.zip is one uses a . and the other a / but both are valid domains. If somebody isn’t paying much attention or they don’t know much about domain names, they could click thinking to get a zip file from a legitimate site and end up going somewhere malicious instead. No other TLDs have this issue (well, I guess .com technically has it but who the hell is downloading and running com files these days) and they’re pretty much exclusively used for this reason so it’s a good idea to block them just to be safe.

        • assa123@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          sorry, I didn’t saw your answer and also replied! I didn’t remember that (.)COM was also a file extension, but now, thanks to your reminder, I will play some DOS games ;)

      • assa123@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        since .zip and .mov are recognizable file extensions, a url of the form google.com.docs.zelensky.zip could make people think that the domain is google.com pointing to a zip instead of the true domain, zelensky (dot) zip which probably would serve malicious content under that subdomain.