Anyone can take over virtually any domain on the net...
Subject: Anyone can take over virtually any domain on the net...
From: Thomas Reinke (reinke E-SOFTINC.COM)
Date: Tue Jan 11 2000 - 23:27:18 CST
Wired recently ran an article on the fact that someone
recently hijacked a number of domains in the Network
Solutions database using email spoofing.
At first I thought this had to be a joke. After thinking
about it, I realized that it's no joke at all, and in
fact quite easy to do.
Step 1: Send a spoofed email to Network Solutions requesting
a DNS change to your own DNS server.
Step 2: Wait for a short while (the amount of time it normally
takes Network Solutions to send out a confirmation
email request)
Step 3: Send a second spoofed email confirming the request.
Step 4: Have your DNS server serve the new web server address
from a new webserver with your own content.
Network Solutions rep quoted in the Wired article:
"O'Shaughnessy pointed out that Network
Solutions offers more secure services.
Most accounts will not need the extra
security he said, but in the age of
e-commerce and more vital Web services,
the onus is on the registrant to see that
his domain is secure."
Doesn't take too much rocket science to point out that other
than the obvious flaws in insecure email, the fact that
confirmations to make domain changes do not carry any
sort of tracking number make it possible for spoofed email
to confirm illegitimate requests. I think it might be
appropriate for Network Solutions to add at least THAT
much reliability into their confirmation scheme so that
that kind of change couldn't occur in the future...
BTW, Network Solutions' instructions on changing the
scheme to a userid and password based system don't
work very well. We've attempted on several occasions
to do this with no luck...thereby forcing on us the guardian
scheme :(
Cheers, Thomas
--
------------------------------------------------------------
Thomas Reinke            Tel: (905) 331-2260
Director of Technology   Fax: (905) 331-2504
E-Soft Inc.              http://www.e-softinc.com
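
The tracking number the post asks for, sketched as a registrar-side check. This is an added example, not part of the original message and not Network Solutions' code; the class name, the 24-hour validity window and the sample domain names are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 24 * 3600  # assumed validity window for a confirmation


class ChangeRequestLedger:
    """Pending domain-change requests, each bound to a one-time tracking token."""

    def __init__(self, now=time.time):
        self._now = now
        self._pending = {}  # request_id -> (domain, new_ns, token_hash, expires_at)

    def open_request(self, domain, new_ns):
        """Record a request; return (request_id, token) to mail to the contact on file."""
        request_id = secrets.token_hex(8)
        token = secrets.token_urlsafe(32)  # unguessable; only the real mailbox sees it
        token_hash = hashlib.sha256(token.encode()).digest()  # never store the token itself
        expires_at = self._now() + TOKEN_TTL_SECONDS
        self._pending[request_id] = (domain, new_ns, token_hash, expires_at)
        return request_id, token

    def confirm(self, request_id, presented_token):
        """Return (domain, new_ns) only if the reply echoes this request's token."""
        entry = self._pending.get(request_id)
        if entry is None:
            return None  # unknown or already-used request
        domain, new_ns, token_hash, expires_at = entry
        if self._now() > expires_at:
            del self._pending[request_id]
            return None  # confirmation arrived too late
        presented_hash = hashlib.sha256((presented_token or "").encode()).digest()
        if not hmac.compare_digest(presented_hash, token_hash):
            return None  # blind "I confirm" mail: the sender never saw the token
        del self._pending[request_id]  # single use, so a replayed reply fails
        return domain, new_ns
```

The token only defeats a sender who cannot read the registrant's mail; it does nothing if the contact mailbox itself is compromised.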
This archive was generated by hypermail 2b27 : Thu Jan 13 2000 - 12:46:29 CST