North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Whois records alert service

  • From: Roeland Meyer (E-mail)
  • Date: Sat May 06 20:13:35 2000

Cute dude. OTOH, this probably has enough operational content to merit posting to NANOG. Now all we need is for some script-kiddee to figure it out <groan>.

> Behalf Of domainiac
> Sent: Saturday, May 06, 2000 4:08 PM
> I figured out a way to completely hijack a domain in less 
> than week under
> the new shared system.  And by hijack I do not mean simply 
> redirect the DNS,
> etc. I mean completely change the whois record to a new 
> owner.  I won't post
> specific directions but I am sure others could do the same 
> trick as it is
> not that complicated.  I passed the specific directions onto 
> ICANN but who
> knows if they are likely to do anything.  The vulnerability 
> only applies to
> NSI domains with MAIL-FROM (or when their CRYPT-PW system screws up).
> I set up an automated system that reads both the registry and 
> registrar
> records, compares it the stored records, and automatically 
> e-mails contacts
> with the changed info.  It also can be used to track domains 
> about to be
> released.
> Russ Smith