North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: NSI's registrar db hacked
- From: Rodney Joffe
- Date: Thu Apr 13 16:20:49 2000
bill@daze.net wrote:
> Nothing new here. Network Solutions has known about the MAIL-FROM problem
> for years, yet they refuse to do anything about it.
Doh. Didn't realize it was the same old thing. This seems like such a
trivial problem to solve...
a) force guardian (crypt-pw seems the most reliable) on all new domain
registrations
b) with NSI's next spam to their customer database, lead people forcibly
to guardian (crypt-pw again)
c) use a mail system that scales, so that 1 week delays don't happen.
One good thing I've noticed in the last week or so - if someone attempts
to register a domain, or modify a domain, to use your nameservers, your
nameserver contacts get an email. Of course, in typical NSI style, the
email is non-intuitive. And in typical NSI style, although it says you
must "ack" for it to go through, it goes through anyway. But it's a
start... at least you know that someone is trying to use your dns.
--
Rodney Joffe
CenterGate Research Group, LLC.
http://www.centergate.com
"Technology so advanced, even we don't understand it!"(SM)
|
