Information Security News mailing list archives
Re: GoDaddy pulls security site after MySpace complaints
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 31 Jan 2007 01:10:14 -0600 (CST)
Forwarded from: Times Enemy <times (at) krr.org> Greetings. I realize this is old news by now ... but ... As the author of this article hints, this could be a somewhat legal method for performing a fairly effective Denial-of-Service attack against a domain, just about any domain, even a highly respected security site such as seclists.org. In this particular instance, i would list GoDaddy as the perpetrator of the Denial-of-Service attack, with MySpace as the partner in crime. Perhaps this could be an organized crime outfit? So, it seems a new DOS tool may exist, which requires no download, no botnet, no international players, no high bandwidth, no real skill at all. All it takes is the ability to bully and slap domain registrars around, which apparently is pretty easy, considering a Network Solutions customer can scare the "largest registrar in the world" into doing its bidding. Seriously, force stronger passwords and this would be a non-issue. I am not familiar with the legal ramifications of archiving passwords, nor am i in the know with illegally hosting copyrighted material, but this whole thing causes me to wonder how much copyrighted data/material is being illegally hosted on the rather lame myspace domain.... I do not own thousands of domains, but i can probably have a hundred or so domains transferred out of godaddy. So who is offering secure and responsible domain registrar services these days? .times enemy -=- InfoSec News wrote:
http://news.com.com/GoDaddy+pulls+security+site+after+MySpace+complaints/2100-1025_3-6153607.html By Declan McCullagh Staff Writer, CNET News.com January 25, 2007 update - A popular computer security Web site was abruptly yanked offline this week by MySpace.com and GoDaddy, the world's largest domain name registrar, raising questions about free speech and Internet governance. MySpace demanded that GoDaddy pull the plug on Seclists.org, which hosts some 250,000 pages of mailing list archives and other resources, because a list of thousands of MySpace usernames and passwords was archived on the site. GoDaddy claims its customers own about 18 million domains. GoDaddy complied. In a move that Seclists.org owner Fyodor Vaskovich said happened with no prior notice, the company deleted his domain name--causing his site to be effectively unreachable for about seven hours on Wednesday until he found out what was happening and removed the password list. "They didn't tell me why they removed the site," Vaskovich, creator of the popular Nmap security auditing utility, said in a phone interview. "At a very minimum, we should get warning."
[...] _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
Current thread:
- GoDaddy pulls security site after MySpace complaints InfoSec News (Jan 25)
- <Possible follow-ups>
- Re: GoDaddy pulls security site after MySpace complaints InfoSec News (Jan 30)