[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [registrars] NSI hacked?

To: Larry Erlich <erlich@domainregistry.com>
Subject: Re: [registrars] NSI hacked?
From: "Ross Wm. Rader" <ross@tucows.com>
Date: Thu, 13 Apr 2000 16:32:15 -0400 (EDT)
cc: registrars@dnso.org
In-Reply-To: <38F636C2.41C6@domainregistry.com>
Sender: owner-registrars@dnso.org


Are these the standard guardian/auth cracks that have floated by from time
to time?

Hard info is tough to come by on this one - convo on the nanog list seems
to indicated that the db was somehow compromised, but given the past
failings of the mailfrom auth, your legacy thoughts seem to hold more
weight...

On Thu, 13 Apr 2000, Larry Erlich wrote:

> This has to do with the legacy system that
> NSI uses at the retail level to provide security.
> I would give the details but list posts are
> public so why provide the information?
> In any case it has nothing to do with flaws
> in RRP or anything Registrars get involved in or
> have to worry about. 
> 
> Larry Erlich
> 
> http://www.DomainRegistry.com
> 
> 
> 
> Ross Wm. Rader wrote:
> > 
> > I haven't seen anything mainstream on this and I wouldn't normally bring
> > it up, but the whois output bothers me so here goes...
> > 
> > Check out http://filmforce.ign.com/news/781.html for complete details, but
> > as I read it, NSI was somehow "hacked" recently and some names were
> > "hijacked". The reason that this bothers me is that the whois output for
> > the affected names is different at the registrar and registry levels. Does
> > this mean that a) the RRP may have been compromised? or b) that they used
> > the registry to quickly fix the problem while they addressed the larger
> > issue? or c) that this is just a false story and I shouldn't worry about
> > it?
> > 
> > Thanks,
> > 
> > -RWR
> > 
> > --------------------------------------------------------------
> > Ross Wm. Rader                     http://www.domaindirect.com
> > Director, Assigned Names Division       http://www.opensrs.org
> > TUCOWS.com Inc.                     http://www.domainwatch.com
> > ross@tucows.com                    http://www.domainsurfer.com
> > --------------------------------------------------------------
> > t. (416) 531-2697 x 335                      f. (416) 531-5584
> > ----------------"Because-People-Need-Names"-------------------
> 


Thanks,

-RWR



--------------------------------------------------------------
Ross Wm. Rader                     http://www.domaindirect.com
Director, Assigned Names Division       http://www.opensrs.org    
TUCOWS.com Inc.                     http://www.domainwatch.com
ross@tucows.com                    http://www.domainsurfer.com
--------------------------------------------------------------
t. (416) 531-2697 x 335                      f. (416) 531-5584
----------------"Because-People-Need-Names"-------------------

Follow-Ups:
- Re: [registrars] NSI hacked?
  - From: Larry Erlich <erlich@domainregistry.com>

References:
- Re: [registrars] NSI hacked?
  - From: Larry Erlich <erlich@domainregistry.com>

Prev by Date: Re: [registrars] NSI hacked?
Next by Date: Re: [registrars] NSI hacked?
Prev by thread: Re: [registrars] NSI hacked?
Next by thread: Re: [registrars] NSI hacked?
Index(es):
- Date
- Thread