Security Incidents mailing list archives
Re: Nike Site taken over
From: aviram () JENIK COM (Aviram Jenik)
Date: Sat, 24 Jun 2000 17:04:12 +0300
Hi.
From what I've heard, this sounds like a DNS hijacking attack. I'd be interested to know how common this is... Fromwhat I've heard it's not really a 'DNS hijacking' but rather a change
in Network Solution's registration (domain hijacking). You'll be amazed how common this is, and what amazes me more is that despite the fact this is a very easy procedure (take a look at our article called 'Domain Hijacking: A step by step guide': http://www.securiteam.com/securitynews/Domain_Hijacking__A_step-by-step_guid e.html ) people do not take the natural step to secure their web sites. This attack is even easier than your average script-kiddie attack: it doesn't even need a compiler. When we published the above article (over 4 months ago) we thought the domain hijacking wave might change something in either hostmaster's way of thinking or network solution's authorization procedure. But I guess people are more interested in placing another bolt on their armored front door instead of closing their living room window. Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.SecuriTeam.com
Current thread:
- Re: Connections to port 635 ??, (continued)
- Re: Connections to port 635 ?? Bill (Jun 23)
- stranger ftp kill Max Gribov (Jun 23)
- Re: stranger ftp kill frank () STUDENT2 RUG AC BE (Jun 23)
- Re: stranger ftp kill jose (Jun 26)
- Re: Connections to port 635 ?? Ben Laws (Jun 23)
- Re: Connections to port 635 ?? Robert Graham (Jun 23)
- Nike Site taken over F_SecurityList Jo (Jun 21)
- Re: Nike Site taken over Steve (Jun 22)
- Re: Nike Site taken over Ex Machina (Jun 22)
- Re: Nike Site taken over Joel de la Garza (Jun 23)
- Re: Nike Site taken over Aviram Jenik (Jun 24)
- Re: Nike Site taken over Valdis Kletnieks (Jun 26)
- funky syslog entry klug (Jun 26)
- Re: funky syslog entry Valdis Kletnieks (Jun 27)
- Re: funky syslog entry Jens Hektor (Jun 27)
- Re: funky syslog entry Erich Meier (Jun 28)
- Re: funky syslog entry Sean Michael Whipkey (Jun 28)
- blind forwards Keith McCammon (Jun 28)
- Re: blind forwards Ex Machina (Jun 29)
- Re: blind forwards Brock Norvell (Jun 29)
- Re: blind forwards John Hall (Jun 29)