funsec mailing list archives
Saudi Hackers Change DNS Registration Information
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 23 Jan 2007 19:17:27 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via Zone-H News. [snip] It appears that Saudi Arabia crackers managed to get the passwords of our registrar (our registrant panel to be precise), accessed the domain management page and changed the DNS entries, pointing the zone-h domain to an IP address belonging to the crackers on which they mounted the page you saw in the last 48 hours. 48 hours!?! So long it took to take contact with the registrar (they work only through email communication), explain the problem to 8 different people then finally getting a reset of our credentials, taking the domain back in control. On the funny side, the same problem happened to Google in its German version which yesterday evening was redirected to a different page (different owner actually). [snip] More: http://www.zone-h.org/content/view/14498/31/ - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.2 (Build 4075) wj8DBQFFtl9Dq1pz9mNUZTMRAg9iAJkBY/G8g+eEZYx57a+wBH8xVINmHgCfUH1A 0ydsNNgMHWaU4/K4ZX5s8To= =tZax -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Saudi Hackers Change DNS Registration Information Fergie (Jan 23)