nanog mailing list archives
RE: DomainSiren.com Whois records alert service
From: "Roeland Meyer (E-mail)" <rmeyer () mhsc com>
Date: Sat, 6 May 2000 17:09:57 -0700
Cute dude. OTOH, this probably has enough operational content to merit posting to NANOG. Now all we need is for some script-kiddee to figure it out <groan>.
Behalf Of domainiac Sent: Saturday, May 06, 2000 4:08 PM I figured out a way to completely hijack a domain in less than week under the new shared system. And by hijack I do not mean simply redirect the DNS, etc. I mean completely change the whois record to a new owner. I won't post specific directions but I am sure others could do the same trick as it is not that complicated. I passed the specific directions onto ICANN but who knows if they are likely to do anything. The vulnerability only applies to NSI domains with MAIL-FROM (or when their CRYPT-PW system screws up). I set up an automated system that reads both the registry and registrar records, compares it the stored records, and automatically e-mails contacts with the changed info. It also can be used to track domains about to be released. http://DomainSiren.com Russ Smith http://ChangeYourDomain.com
Current thread:
- RE: DomainSiren.com Whois records alert service Roeland Meyer (E-mail) (May 06)