[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [registrars] NSI hacked?

To: "Ross Wm. Rader" <ross@tucows.com>
Subject: Re: [registrars] NSI hacked?
From: Larry Erlich <erlich@domainregistry.com>
Date: Thu, 13 Apr 2000 17:22:00 -0400
CC: registrars@dnso.org
Organization: DomainRegistry.com - Netscott Operations
References: <Pine.LNX.4.10.10004131628490.4120-100000@xfiles2.idirect.com>
Sender: owner-registrars@dnso.org

Ross Wm. Rader wrote:
> 
> Are these the standard guardian/auth cracks that have floated by from time
> to time?

Exactly what it is. 

Larry Erlich

http://www.DomainRegistry.com

> 
> Hard info is tough to come by on this one - convo on the nanog list seems
> to indicated that the db was somehow compromised, but given the past
> failings of the mailfrom auth, your legacy thoughts seem to hold more
> weight...
> 
> On Thu, 13 Apr 2000, Larry Erlich wrote:
> 
> > This has to do with the legacy system that
> > NSI uses at the retail level to provide security.
> > I would give the details but list posts are
> > public so why provide the information?
> > In any case it has nothing to do with flaws
> > in RRP or anything Registrars get involved in or
> > have to worry about.
> >
> > Larry Erlich
> >
> > http://www.DomainRegistry.com
> >
> >
> >
> > Ross Wm. Rader wrote:
> > >
> > > I haven't seen anything mainstream on this and I wouldn't normally bring
> > > it up, but the whois output bothers me so here goes...
> > >
> > > Check out http://filmforce.ign.com/news/781.html for complete details, but
> > > as I read it, NSI was somehow "hacked" recently and some names were
> > > "hijacked". The reason that this bothers me is that the whois output for
> > > the affected names is different at the registrar and registry levels. Does
> > > this mean that a) the RRP may have been compromised? or b) that they used
> > > the registry to quickly fix the problem while they addressed the larger
> > > issue? or c) that this is just a false story and I shouldn't worry about
> > > it?
> > >
> > > Thanks,
> > >
> > > -RWR
> > >
> > > --------------------------------------------------------------
> > > Ross Wm. Rader                     http://www.domaindirect.com
> > > Director, Assigned Names Division       http://www.opensrs.org
> > > TUCOWS.com Inc.                     http://www.domainwatch.com
> > > ross@tucows.com                    http://www.domainsurfer.com
> > > --------------------------------------------------------------
> > > t. (416) 531-2697 x 335                      f. (416) 531-5584
> > > ----------------"Because-People-Need-Names"-------------------
> >
> 
> Thanks,
> 
> -RWR
> 
> --------------------------------------------------------------
> Ross Wm. Rader                     http://www.domaindirect.com
> Director, Assigned Names Division       http://www.opensrs.org
> TUCOWS.com Inc.                     http://www.domainwatch.com
> ross@tucows.com                    http://www.domainsurfer.com
> --------------------------------------------------------------
> t. (416) 531-2697 x 335                      f. (416) 531-5584
> ----------------"Because-People-Need-Names"-------------------

References:
- Re: [registrars] NSI hacked?
  - From: "Ross Wm. Rader" <ross@tucows.com>

Prev by Date: Re: [registrars] NSI hacked?
Next by Date: [registrars] IMPORTANT - WG-B
Prev by thread: Re: [registrars] NSI hacked?
Next by thread: [registrars] IMPORTANT - WG-B
Index(es):
- Date
- Thread