Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: The out-of-domain NS registration attack
From: dbt () MEAT NET (David Terrell)
Date: Tue, 14 Mar 2000 18:08:49 -0800


On Tue, Mar 14, 2000 at 01:45:12AM -0000, D. J. Bernstein wrote:
The attacker then registers a new domain with NSI, using ns1.jsnet.com
as the domain's server name, but his own IP address for ns1.jsnet.com:

   zerosecurity.com NS ns1.jsnet.com
   ns1.jsnet.com A 5.6.7.8

Have you verified this is possible?  The last time I checked, NSI
would only allow new host registration from the appropriate contact
of the domain the host is in.

--
David Terrell   | p = "you are nasty"          q = "my first name is Janet"
Nebcorp PM      | r = "my first name is baby"  s = "My name is Miss Jackson"
dbt () meat net    | (!r -> q) & (p -> s)        - Braverman's Third Lemma
wwn.nebcorp.com | !r & (!p -> q) & (p -> s)   - Libor's Corrolary



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]