[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: www.networksolutions.com hijacked (fwd)

---------- Forwarded message ----------
Date: Fri, 2 Jul 1999 17:55:43 -0500
From: Sean Donelan <SEAN@SDG.DRA.COM>
Reply-To: list@inet-access.net
To: list@inet-access.net
Subject: Re: www.networksolutions.com hijacked

The latest news repots now have NSI's O'Shaughnessy saying the hack
was a spoofed domain modify template.  O'Shaughnessy didn't know what
type of security NSI had for its own domains.  So this may just be
another case like what happened to AOL, when someone sent in an modify
template with a forged e-mail, and NSI processed it.  I don't know what
type of security NSI has for the new registry functions, since NSI has
declared their registry protocol a trade secret.  NSI made an "emergency
zone release" to correct the information in its zone files.  Since NSI
has blocked access to the zone files, I can't independently verify
their story.  The old story, security by obscurity.

Despite NSI's attempt to associate ICANN with the hack, by saying
it came from the same office building in which ICANN has its offices,
it now appears ICANN had *NOTHING* to do with it.  Further, it appears
that no independently operated root-name servers where "hacked."  Instead
it appears NSI's own registration systems where "hacked."

Sean Donelan, Data Research Associates, Inc, St. Louis, MO
  Affiliation given for identification not representation
Send 'unsubscribe' in the body to 'list-request@inet-access.net' to leave.
Eat sushi frequently.   inet@inet-access.net is the human contact address.