[13377] in bugtraq
Re: Anyone can take over virtually any domain on the net...
daemon@ATHENA.MIT.EDU (Nick Lamb)
Mon Jan 17 15:18:01 2000
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000115125629.A30079@ecs.soton.ac.uk>
Date: Sat, 15 Jan 2000 12:56:30 +0000
Reply-To: Nick Lamb <njl98r@ECS.SOTON.AC.UK>
From: Nick Lamb <njl98r@ECS.SOTON.AC.UK>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.3.96.1000113135001.3420A-100000@acm.poly.edu>; from
shafik@acm.poly.edu on Thu, Jan 13, 2000 at 02:35:02PM -0500
On Thu, Jan 13, 2000 at 02:35:02PM -0500, Shafik Yaghmour wrote:
> You make a pretty huge assumption that the administrator of
> that domain will miss the response from network solutions or will do
> nothing about it, both of which are not very good assumptions. Although I
> do agree it should be more secure, I don't think it is necessarily easy,
> it is possible someone could be lucky and do it but they would be dumb to
> place any bets on it. After one attempt you would hope if the admin was
> not using CRYPT-PW they would start using it.
No, we make the really tiny assumption that netsol are not lying when
they say the following in their documentation:
(this is in the section for people NOT using Guardian)
If you submit a Service Agreement to modify the domain name
registration from administrativecontact@example.com, or if the
technical contact sends one from technicalcontact@example.com, the
request will be processed and neither one of you will be notified
at any time during the transaction.
Wake up! There is NO security for people who opt not to use Guardian,
even a small child can post fake-mail so the From: check is worth
absolutely nothing.
Nick.
