[27340] in North American Network Operators' Group
ARIN Database
daemon@ATHENA.MIT.EDU (Richard Jimmerson)
Sat Feb 12 19:15:02 2000
Reply-To: <richardj@arin.net>
From: "Richard Jimmerson" <richardj@arin.net>
To: <nanog@merit.edu>
Date: Sat, 12 Feb 2000 18:54:51 -0500
Message-ID: <000001bf75b4$8d5abb80$bdfc95c0@ARINNET>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Over the last week, an individual faked mail headers and
successfully changed the email addresses on the POC records
associated with a handful of Class A records in ARIN's database.
After successfully modifying the POC records, he modified the
inverse mapping servers listed on those Class A network records.
Once identified, corrections were made to the records in question.
We have spoken with the individual who appeared to have made the
unauthorized changes, however, he claims to have been hacked himself
and is not responsible for submitting the bogus modification requests.
He said his mailboxes looked fake and utmp entries had been tampered
with on his machine.
Prior to this incident, the ARIN engineering staff had been looking
into adding security mechanisms to our database. We would like to
invite the community to discuss possible security mechanisms that may
be implemented using the following mailing list:
Database Implementation Working Group
dbwg@arin.net
To join this mailing list, visit http://www.arin.net/members/mailing.htm
This mailing list is open to the public.
Regards,
American Registry for Internet Numbers (ARIN)
