Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NSI's registrar db hacked

  • From: Rodney Joffe
  • Date: Thu Apr 13 16:20:49 2000



bill@daze.net wrote:

> Nothing new here.  Network Solutions has known about the MAIL-FROM problem
> for years, yet they refuse to do anything about it.

Doh. Didn't realize it was the same old thing. This seems like such a
trivial problem to solve...

a) force guardian (crypt-pw seems the most reliable) on all new domain
registrations
b) with NSI's next spam to their customer database, lead people forcibly
to guardian (crypt-pw again)
c) use a mail system that scales, so that 1 week delays don't happen.

One good thing I've noticed in the last week or so - if someone attempts
to register a domain, or modify a domain, to use your nameservers, your
nameserver contacts get an email. Of course, in typical NSI style, the
email is non-intuitive. And in typical NSI style, although it says you
must "ack" for it to go through, it goes through anyway. But it's a
start... at least you know that someone is trying to use your dns.

-- 
Rodney Joffe
CenterGate Research Group, LLC.
http://www.centergate.com
"Technology so advanced, even we don't understand it!"(SM)





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.