Bugtraq mailing list archives
Re: Anyone can take over virtually any domain on the net...
From: bryanf () SAMURAI COM (Bryan Fullerton)
Date: Sat, 15 Jan 2000 01:57:13 -0500
On Fri, Jan 14, 2000 at 10:26:44AM -0500, "BUGTRAQ () ROZZ COM" <BUGTRAQ () ROZZ COM> wrote:
This confims what I always thought; that there was a unique number in the response that was needed for the ACK.
True. If the domain is setup to require ACK before transferring. Many (most?) are setup to send the confirm email after the modify request is processed - by the time the contact actually reads their mail the modify may have gone thru to the root servers, and the domain may be in the hands of someone else. I really don't know what happens if you can double-transfer a domain before NSI receives back a NAK response to a confirm email. Spoofing mail from a contact is something I've done regularly in the past when customers leave an ISP and can no longer send/receive mail from/to the contact address, but want to transfer their domain to my servers. It's fairly trivial, and I suspect common practice amongst ISPs who can be bothered - many just say "transfer it yourself, let us know when it's done", avoiding the whole issue. I haven't done it to maliciously transfer a domain, only for the actual domain owner, but there's nothing really stopping anyone from sending in a request. Which is why most of my personal domains use CRYPT-PW as their Guardian setting instead of MAIL-FROM. :) Admittedly trivial to find out if anyone got ahold of my sent-mail folder or intercepted a request, but it's a small step up. Bryan -- Bryan Fullerton http://www.samurai.com/ Core Competency Samurai Consulting Can you feel the Ohmu call?
Current thread:
- Re: Anyone can take over virtually any domain on the net... Janos Zsako (Jan 13)
- <Possible follow-ups>
- Re: Anyone can take over virtually any domain on the net... Russ Johnson (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Ryan Russell (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Haight, Kristofer (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Max Vision (Jan 14)
- Re: Anyone can take over virtually any domain on the net... BUGTRAQ () ROZZ COM (Jan 14)
- Re: Anyone can take over virtually any domain on the net... Bryan Fullerton (Jan 14)
- Re: Anyone can take over virtually any domain on the net... Homer Wilson Smith (Jan 15)
- [support_feedback () us-support external hp com: Security Bulletins Digest] Patrick Oonk (Jan 17)
- Security hole in mail2web web-based emailservice Patrick Oonk (Jan 17)
- Re: Anyone can take over virtually any domain on the net... Brian Mueller (Jan 17)
- Re: Anyone can take over virtually any domain on the net... root (Jan 14)