Bugtraq mailing list archives

Re: Anyone can take over virtually any domain on the net...

From: njl98r () ECS SOTON AC UK (Nick Lamb)
Date: Sat, 15 Jan 2000 12:56:30 +0000


On Thu, Jan 13, 2000 at 02:35:02PM -0500, Shafik Yaghmour wrote:

      You make a pretty huge assumption that the administrator of
that domain will miss the response from network solutions or will do
nothing about it, both of which are not very good assumptions. Although I
do agree it should be more secure, I don't think it is necessarily easy,
it is possible someone could be lucky and do it but they would be dumb to
place any bets on it. After one attempt you would hope if the admin was
not using CRYPT-PW they would start using it.


No, we make the really tiny assumption that netsol are not lying when
they say the following in their documentation:

(this is in the section for people NOT using Guardian)

     If you submit a Service Agreement to modify the domain name
     registration from administrativecontact () example com, or if the
     technical contact sends one from technicalcontact () example com, the
     request will be processed and neither one of you will be notified
     at any time during the transaction.

Wake up! There is NO security for people who opt not to use Guardian,
even a small child can post fake-mail so the From: check is worth
absolutely nothing.

Nick.

Current thread:

ICQ Buffer Overflow Exploit, (continued)
- - - ICQ Buffer Overflow Exploit drew copley (Jan 11)
    - Re: ICQ Buffer Overflow Exploit Dennis W. Mattison (Little Wolf) (Jan 12)
    - Re: ICQ Buffer Overflow Exploit Michael DeSimone (Jan 13)
    - Re: ICQ Buffer Overflow Exploit Tom Schumm (Jan 14)
    - Re: ICQ Buffer Overflow Exploit Simon Steed (Jan 13)
    - Anyone can take over virtually any domain on the net... Thomas Reinke (Jan 11)
    - Re: Anyone can take over virtually any domain on the net... Jon Lewis (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Jeffrey Paul (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Chris Adams (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Shafik Yaghmour (Jan 13)
    - Re: Anyone can take over virtually any domain on the net... Nick Lamb (Jan 15)
    - Re: Anyone can take over virtually any domain on the net... Kurt Seifried (Jan 13)
    - Blinding BIND to a moving domain D. J. Bernstein (Jan 12)
    - Re: Blinding BIND to a moving domain Ken Gourlay (Jan 12)
    - CyberCash MCK 3.2.0.4: Large /tmp hole Sheldon Young (Jan 12)
    - Administrivia: ORBS Elias Levy (Jan 12)
    - WebSitePro/2.3.18 is revealing Webdirectories Lark Lizerman (Jan 12)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Grahame Bowland (Jan 05)
  - Yet another Hotmail security hole - injecting JavaScript in IE using "@import url(javascript:...)" Georgi Guninski (Jan 06)
  - Security Bulletins Digest Aleph One (Jan 06)
- Re: Hotmail security hole - injecting JavaScript using <IMG Metal Hurlant (Jan 05)

(Thread continues...)