Information Security News mailing list archives
GreatDomains gets spoofed
From: William Knowles <wk () C4I ORG>
Date: Sun, 18 Jun 2000 12:23:05 -0500
http://www.upside.com/News/3949151c0.html June 15, 2000 by Ben Charny Online domain name hijackers nabbed perhaps one of their biggest prizes this week, when they were able to take control of GreatDomains.com, the domain name clearinghouse. The hijacking, known in darker circles of the Internet as "spoofing," is the seventh such incident in the past two weeks on a Network Solutions-hosted site and the 12th since January. It has prompted a warning to Network Solutions' (NSOL) million customers about pumping up security. The FBI is investigating the attacks, but a spokesman said it could not comment. The spoofers may be exploiting a flaw in the system that links nonprofit Internet Corporation For Assigned Names and Numbers, which maintains the Web's domain name database, and some of the 80 private companies with access. Accessed through database The latest attack took place sometime on Tuesday, according to sources, when GreatDomains' customers noticed the site wasn't working. Apparently, the hijackers were able to access GreatDomains' administrative contact information from Network Solution's database, then changed and redirected traffic to another registrar. Network Solutions spokesman Brian O'Shaughnessy said the hijacking of GreatDomains.com was corrected within minutes of being noticed. He said it was more of a nuisance "like graffiti." He said the same person or persons able who hijacked the domain names of other high-profile sites might have conducted the latest spoofing. Calls to GreatDomains were not returned. Tech news site Internet.com was also struck in the last two weeks. Its CEO, Alan Meckler, said his own engineers were able to catch the spoofing before traffic could get redirected. He said his site didn't suffer any problems. Not too bad, but ... "The damage could have been huge. What if your traffic gets directed to, let's say, a porn site? What would your advertisers think?" Meckler said. Other sites that were spoofed include Sex.Net and Bali.com. Web.net, which has 3,500 customers and supports about 700 websites, lost control of its sites for a few days. Network Solutions is now reminding its nearly one million users of a series of online security measures available to them, including encrypted passwords, O'Shaughnessy said. "Overall, the efficiency of the system can't be questioned," he said. "Unfortunately, there are instances, which do occur. Fortunately, they occur very infrequently." "We do have a security system now. Some people choose not to use it, however. We're conducting a campaign to raise people's awareness." *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- GreatDomains gets spoofed William Knowles (Jun 19)