Please Whitelist This Site?

I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :)

If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads.

If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK.

Thanks for your understanding!

Sincerely, Charles Kozierok
Author and Publisher, The TCP/IP Guide


NOTE: Using software to mass-download the site degrades the server and is prohibited.
If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The Book is Here... and Now On Sale!

The whole site in one document for easy reference!
The TCP/IP Guide

Custom Search







Table Of Contents  The TCP/IP Guide
 9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)
      9  TCP/IP Key Applications and Application Protocols
           9  TCP/IP Application Layer Addressing: Uniform Resource Identifiers, Locators and Names (URIs, URLs and URNs)
                9  Uniform Resource Locators (URLs)

Previous Topic/Section
URL Length and Complexity Issues
Previous Page
Pages in Current Topic/Section
1
2
34
Next Page
Uniform Resource Names (URNs)
Next Topic/Section

URL Obscuration, Obfuscation and General Trickery
(Page 2 of 4)

Common Obscuration and Obfuscation Techniques

It is a cruel irony that the complex syntax that was built into URLs to allow them to be so flexible, has been exploited by the obnoxious into tricking people. They know that most people are used to seeing simple URLs like “http://www.myfavoritesite.com” and do not realize that the full URL syntax allows the same resource to be specified in literally millions of different ways.

So these people, desperate for hits to their Web sites at any cost, keep coming up with new tricks for manipulating URLs. These are focused on HTTP scheme URLs, though in theory the tricks can be applied to several other types as well (though obviously they won't work with some schemes). Here are some of the more common gimmicks that have been used, past and present (note that if you are trying these out as you read, some examples may not work on certain browsers):

Excessive Length

In some cases, a URL is just made really long by the addition of lots of gibberish as a “query string”, so that the user's eyes glaze over just looking at it. This is a relatively “unsophisticated” technique, however, since one can easily tell what the real host name is by looking at the start of the URL. Most of the better scammers have moved beyond such simple tricks today.

Regular IP Address Hosts

Internet users are so accustomed to using DNS names that they don't realize that one can access a URL using an IP address at all. So most people don't realize that The PC Guide can be accessed as easily using <http://209.68.14.80> as <http://www.PCGuide.com>. (Note that this is not true of all Internet hosts; those that use virtual names cannot be accessed using just an IP address.)

This is not really trickery per se. It is quite legitimate, and in some ways even necessary—for example, for accessing a site that is having DNS problems. The problem here is that usually one cannot tell what a site is from the IP address alone, and many people will just click on an IP address link without bothering to find out what it is.

Numeric Domain Names

It is possible to register a DNS domain name consisting of just a single number. For example, one could register “114.com”. And then one could create subdomains within it such as “42.12.205.114.com”. At first glance this appears to be an IP address specification, so someone might think it would resolve to the address 42.12.205.114—when in reality, it is some other address.

I believe that DNS name registrars have been cracking down on this sort of trickery, so it may not be as prevalent now as it once was.


Previous Topic/Section
URL Length and Complexity Issues
Previous Page
Pages in Current Topic/Section
1
2
34
Next Page
Uniform Resource Names (URNs)
Next Topic/Section

If you find The TCP/IP Guide useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider purchasing a download license of The TCP/IP Guide. Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005

© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.