Re: watch your domain

[Eric Kuhnke <eric.kuhnke () gmail com>]

https://medium.com/@gszathmari/hacking-law-firms-abandoned-domain-name-attack-560979e0b774

tl;dr: Expired domain names re-registered by malicious actors after the
redemption period are useful for all sorts of mischief.

This is a pretty easy to understand read for non-technical management types
at customer organizations, who might not understand the importance of how a
domain name and its authoritative DNS server records are the single point
of failure under a lot of important stuff.



On Tue, Sep 4, 2018 at 11:42 AM Randy Bush <randy () psg com> wrote:

> tl;dr: control the domains you use
>
> the domain rain.net was on since the early '90s.  it used to be the
> domain of the isp which became verio which became ntt.  lots of local
> portland folk had subdomains, email, ...
>
> well, with zero notice, ntt seems to have flogged it off to someone who
> does not give a damn, and a lot of folk's email and so forth is dead
> dead dead.  packets and smtp falling on the floor.
>
> a friend once gave me a tee shirt which says "god helps those who own a
> majority share."  the corollary is that the goddess helps those who own,
> or otherwise control, the domains on which they rely.
>
> randy