[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Domain hijacking, InterNIC loopholes

To: [email protected] (Rishab Aiyer Ghosh)
Subject: Re: Domain hijacking, InterNIC loopholes
From: David Mazieres <[email protected]>
Date: Thu, 1 Feb 1996 04:26:14 -0500
Cc: [email protected], [email protected]
In-Reply-To: [email protected]'s message of Tue, 30 Jan 96 10:19:42 PST
References: <[email protected]>
Sender: [email protected]

I don't think Domain hijacking is a terribly big threat.  First of
all, the modification process insn't fully automated.  Second of all,
it takes several weeks for the changes to go through.  Before the
changes go through, the internic sends out mail to a bunch of people,
including all previous administrators and administrators of all
domains which contain old or new nameservers.

Thus, I'd say the domain modification process is slightly more secure
than First Virtual :-) :-) :-).  It relies on the security of the
network routers and existing nameservers, and requires one or more
active attacks or viruses to defeat.  Probably your best is to wait
for as many as possible of the relevant sysadmins to go on vacation,
and then mail-bomb them rest so hard they end up not reading all of
their real E-mail.  Then again, there's always the possibility that
the domain administrator knows how to use procmail...

David

Follow-Ups:
- Re: Domain hijacking, InterNIC loopholes
  - From: Rishab Aiyer Ghosh <[email protected]>

Prev by Date: RE: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
Next by Date: Re: Declan appearing on "Europe's Most Wanted"
Prev by thread: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
Next by thread: Re: Domain hijacking, InterNIC loopholes
Index(es):
- Date
- Thread