nanog mailing list archives

Re: A Deep Dive on the Recent Widespread DNS Hijacking

From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Mon, 25 Feb 2019 18:13:11 -0800

Markmonitor runs a registrar popular with fortune 500s that implements
additional security steps, and talking to a clued in live human in the loop
to modify anything in your domain record.

On Mon, Feb 25, 2019, 6:03 PM <valdis.kletnieks () vt edu> wrote:

On Mon, 25 Feb 2019 18:23:44 -0700, Paul Ebersman said:

Agreed. But this also gets down to the risk vs hassle tradeoff. Joe's
Bait & Tackle Shop probably isn't getting attacked by nation states who
can hack SS7, so SMS text might be good enough. And certainly better
than just an 8 char plain text password.


So what registries/registrars are supporting 2FA that's better than SMS?
Or since 98% of domain names are Bait&Tackle type, is nobody bothering
to support something for the 2% that could use it?

Or is there a business opportunity lurking here? :)

Current thread:

Re: A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- - - Re: A Deep Dive on the Recent Widespread DNS Hijacking Töma Gavrichenkov (Feb 24)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Sander Steffann (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Owen DeLong (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Rubens Kuhl (Feb 25)
    - RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Job Snijders (Feb 25)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Seth Mattinen (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Matthew Petach (Feb 26)
    - RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 26)

(Thread continues...)