[77230] in North American Network Operators' Group
domain hijacking - what do you do to prepared?
daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Jan 16 19:16:00 2005
Date: Mon, 17 Jan 2005 02:24:14 +0200
From: Gadi Evron <ge@linuxbox.org>
To: nanog list <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Until today, I considered this to be a real and relevant threat,
although rather low in my matrix.
As someone I know said today, now that kiddies saw how much "fun" this
is, I am sure they will attempt this again.
The question that comes to mind is - what do you do to be prepared?
I suppose that other than setting registrar lock in place, there is
another thing one can do.
Study!
Whether it's checking the expiration date for your domain, establishing
contact with your up-in-line authority - registrar, tld, etc. depending
on who you are.
Having the relevant contact information at hand, establishing a set
policy on how to handle such an incident and who to contact, bugging
your next-in-chain about setting a policy on this with you, as well as
setting such a policy for those who are slaves to you.
That said, all that is left now is to see how this happened (so that it
won't happen again - just killing a fire doesn't mean it won't be
re-ignited) and perhaps think a bit on how we do things - which I am
sure many will now do.
Maybe this can be another discussion issue for the next NANOG
get-together as well?
Gadi.
