[28123] in North American Network Operators' Group
Re: NSI's registrar db hacked
daemon@ATHENA.MIT.EDU (Rodney Joffe)
Thu Apr 13 16:18:58 2000
Message-ID: <38F62AFF.4C45960A@centergate.com>
Date: Thu, 13 Apr 2000 13:15:59 -0700
From: Rodney Joffe <rjoffe@centergate.com>
MIME-Version: 1.0
To: bill@daze.net
Cc: NANOG <nanog@merit.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
bill@daze.net wrote:
> Nothing new here. Network Solutions has known about the MAIL-FROM problem
> for years, yet they refuse to do anything about it.
Doh. Didn't realize it was the same old thing. This seems like such a
trivial problem to solve...
a) force guardian (crypt-pw seems the most reliable) on all new domain
registrations
b) with NSI's next spam to their customer database, lead people forcibly
to guardian (crypt-pw again)
c) use a mail system that scales, so that 1 week delays don't happen.
One good thing I've noticed in the last week or so - if someone attempts
to register a domain, or modify a domain, to use your nameservers, your
nameserver contacts get an email. Of course, in typical NSI style, the
email is non-intuitive. And in typical NSI style, although it says you
must "ack" for it to go through, it goes through anyway. But it's a
start... at least you know that someone is trying to use your dns.
--
Rodney Joffe
CenterGate Research Group, LLC.
http://www.centergate.com
"Technology so advanced, even we don't understand it!"(SM)
