RE: DomainSiren.com Whois records alert service

["Roeland Meyer (E-mail)" <rmeyer () mhsc com>]

Cute dude. OTOH, this probably has enough operational content to merit posting to NANOG. Now all we need is for some 
script-kiddee to figure it out <groan>.

> Behalf Of domainiac
> Sent: Saturday, May 06, 2000 4:08 PM
>
> I figured out a way to completely hijack a domain in less 
> than week under
> the new shared system.  And by hijack I do not mean simply 
> redirect the DNS,
> etc. I mean completely change the whois record to a new 
> owner.  I won't post
> specific directions but I am sure others could do the same 
> trick as it is
> not that complicated.  I passed the specific directions onto 
> ICANN but who
> knows if they are likely to do anything.  The vulnerability 
> only applies to
> NSI domains with MAIL-FROM (or when their CRYPT-PW system screws up).
>
> I set up an automated system that reads both the registry and 
> registrar
> records, compares it the stored records, and automatically 
> e-mails contacts
> with the changed info.  It also can be used to track domains 
> about to be
> released.
>
> http://DomainSiren.com
>
> Russ Smith
> http://ChangeYourDomain.com