Bugtraq mailing list archives

Re: Anyone can take over virtually any domain on the net...

From: jlewis () LEWIS ORG (Jon Lewis)
Date: Thu, 13 Jan 2000 13:55:36 -0500


On Wed, 12 Jan 2000, Thomas Reinke wrote:

At first I thought this had to be a joke. After thinking
about it, I realized that its no joke at all, and in
fact quite easy to do.

Step 1: Send a spoofed email to Network solutions requesting
        a DNS change to your own DNS server.

Step 2: Wait for a short while (the amount of time it normally
        takes Network Solutions to send out a confirmation
        email request)

Step 3: Send a second spoofed email confirming the request.


Steps 2 and 3 aren't even necessary if you're good at forging email.  Just
send a properly forged message claiming to be either the admin or
technical contact for the domain being modified, and NetSlo will make it
so.  If you care about your domains, you should switch to using either
crypt-pw or PGP.  I'd heard their PGP system was often broken, so I've
been using crypt-pw for nearly a year.

----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  Spammers will be winnuked or
 System Administrator        |  nestea'd...whatever it takes
 Atlantic Net                |  to get the job done.
_________http://www.lewis.org/~jlewis/pgp for PGP public key__________

Current thread:

Re: Misleading sense of security in Netscape, (continued)
- - - Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
    - New MySQL Available Scott (Jan 13)
    - BindView Security Advisory: Local Promotion Vulnerability in Windows NT 4 BindView Security Advisory (Jan 13)
    - Microsoft Security Bulletin (MS00-003) Microsoft Product Security (Jan 13)
    - ICQ Buffer Overflow Exploit drew copley (Jan 11)
    - Re: ICQ Buffer Overflow Exploit Dennis W. Mattison (Little Wolf) (Jan 12)
    - Re: ICQ Buffer Overflow Exploit Michael DeSimone (Jan 13)
    - Re: ICQ Buffer Overflow Exploit Tom Schumm (Jan 14)
    - Re: ICQ Buffer Overflow Exploit Simon Steed (Jan 13)
    - Anyone can take over virtually any domain on the net... Thomas Reinke (Jan 11)
    - Re: Anyone can take over virtually any domain on the net... Jon Lewis (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Jeffrey Paul (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Chris Adams (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Shafik Yaghmour (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Nick Lamb (Jan 15)
    - Re: Anyone can take over virtually any domain on the net... Kurt Seifried (Jan 13)
    - Blinding BIND to a moving domain D. J. Bernstein (Jan 12)
    - Re: Blinding BIND to a moving domain Ken Gourlay (Jan 12)
    - CyberCash MCK 3.2.0.4: Large /tmp hole Sheldon Young (Jan 12)
    - Administrivia: ORBS Elias Levy (Jan 12)
    - WebSitePro/2.3.18 is revealing Webdirectories Lark Lizerman (Jan 12)

(Thread continues...)