Home page logo
/

nanog logo nanog mailing list archives

Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)
From: Jimmy Hess <mysidia () gmail com>
Date: Thu, 20 Jun 2013 19:22:33 -0500

On 6/20/13, Randy Bush <randy () psg com> wrote:
netsol screwed up.  they screwed up bigtime.  they are shoveling kitty
litter over it as fast as they can, and they have a professional kitty
litter, aka pr, department.
but none of this is surprising.
and dnssec did not save us.  is there anything which could have?

What's puzzling is  the "How the heck did they do that?"

The registrar doesn't maintain the .COM database that contains the
list of nameservers....
they had to submit changes to all those records.

So, why weren't there security controls to make sure that the
registrar could not submit changes without appropriate authorization
from the Administrative/Tech contact?


randy
--
-JH


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]