Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: fwd: Re: [registrars] Re: panix.com hijacked

  • From: william(at)elan.net
  • Date: Mon Jan 17 00:35:28 2005


On Sun, 16 Jan 2005, Joe Maimon wrote:

> Thus justifying those who load their NS and corresponding NS's A records 
> with nice long TTL

Although this wasn't a problem in this case (hijacker did not appear to 
have been interested in controlling dns since it points to default domain
registration and under construction page), but long TTL trick could be 
used by hijackers - i.e. he gets some very popular domain, changes dns to 
the one he controls and purposely sets long TTL. Now even if registrars 
are able to act quickly and change registration back, those who cached new
dns data would keep it for quite long in their cache.

P.S. Just in case I chose not to send this info until panix.com had been
restored, but we really do need to deal with how it occurred in the first
place - even short term damage is bad so we need to have policies at ICANN 
that do no allow unauthorized transfers or else all domains can be "LOCKED"
by default by registrars which effectively does the same.

-- 
William Leibzon
Elan Networks
william@elan.net





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.