nanog mailing list archives
Re: watch your domain
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Wed, 5 Sep 2018 17:03:25 -0700
https://medium.com/@gszathmari/hacking-law-firms-abandoned-domain-name-attack-560979e0b774 tl;dr: Expired domain names re-registered by malicious actors after the redemption period are useful for all sorts of mischief. This is a pretty easy to understand read for non-technical management types at customer organizations, who might not understand the importance of how a domain name and its authoritative DNS server records are the single point of failure under a lot of important stuff. On Tue, Sep 4, 2018 at 11:42 AM Randy Bush <randy () psg com> wrote:
tl;dr: control the domains you use the domain rain.net was on since the early '90s. it used to be the domain of the isp which became verio which became ntt. lots of local portland folk had subdomains, email, ... well, with zero notice, ntt seems to have flogged it off to someone who does not give a damn, and a lot of folk's email and so forth is dead dead dead. packets and smtp falling on the floor. a friend once gave me a tee shirt which says "god helps those who own a majority share." the corollary is that the goddess helps those who own, or otherwise control, the domains on which they rely. randy
Current thread:
- watch your domain Randy Bush (Sep 04)
- Re: watch your domain bzs (Sep 04)
- Re: watch your domain Eric Kuhnke (Sep 05)