Feds pull the domain name plug on State of California

[David Farber <dfarber () cs cmu edu>]

Begin forwarded message:

From: dewayne () warpspeed com (Dewayne Hendricks)
Date: October 5, 2007 9:55:41 AM EDT
To: Dewayne-Net Technology List <xyzzy () warpspeed com>
Subject: [Dewayne-Net] Feds pull the domain name plug on State of  
California

Feds pull the domain name plug on State of California

By Robert McMillan, IDG News Service, 10/04/07

<http://www.networkworld.com/news/2007/100407-feds-pull-ca-gov- 
domain.html>

The Federal government pulled the plug on the ca.gov Web domain used  
by the State of California on Tuesday, setting into motion a chain of  
events that threatened to grind government business to a standstill  
within the state.
State IT staffers were able to fix the problem within a few hours,  
narrowly averting disaster, but the situation shed light on what  
observers are calling a shocking weakness in the state's IT  
infrastructure.

The story behind the shutdown, and how the U.S. General Services  
Administration (GSA) came within hours of shutting down the State of  
California's Internet presence, is a complex one, but as with so many  
stories on the Internet, it begins with pornography.

In early September the Transportation Authority of Marin, a ten- 
person agency charged with managing transportation funding in Marin  
County, California, discovered that the servers that handled the  
agency's Web and domain name service had been hacked and were being  
used to create links to pornographic Web sites.

Domain name servers are used to translate the www.website.com domain  
names we type into our browsers into numerical IP addresses, used by  
computers. Together these DNS servers form a Web-like database  
telling all of the computers on the Internet how to find each other.  
In the case of the Transportation Authority, there was one  
authoritative server responsible for telling all other DNS servers  
where to find computers operating within the tam.ca.gov domain.

The agency spent a frustrating two weeks trying to get its Internet  
service provider, StartLogic, to resolve the problem, said Dianne  
Steinhauser, executive director of the Transportation Authority of  
Marin. Then in mid-September it delegated domain name server  
authority for the Transportation Authority's domain to the ca.gov  
name server, run by the state's Department of Technology Services,  
she said. That meant that the state's servers and not StartLogic's  
were now responsible for keeping the authoritative domain record for  
tam.ca.gov.

Unfortunately, it also meant that if an outside observer believed  
that the DNS server responsible for tam.ca.gov had been hacked, he  
might have assumed that the ca.gov name server was compromised as  
well. And that, apparently, is where the trouble really began for the  
State of California.

On Tuesday, at around 2 p.m., the federal organization responsible  
for managing the .gov top level domain pulled the plug on the ca.gov  
domain, according to Jim Hanacek, a public information officer with  
California's Department of Technology Services. The "ca.gov domain  
was removed as a valid address by the federal GSA, who has an office  
that oversees the use of the .gov domain," he said.

[snip]



-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com