Re: Craigslist hacked?

[Mark Andrews <marka () isc org>]

In message <D09934E0.BE620%nanog () hostleasing net>, Randy Epstein writes:
> On 11/24/14, 7:16 PM, "George Herbert" <george.herbert () gmail com> wrote:
>
> > He didn't hack the registry, he hijacked its records.  And this is far
> > from the first time a registry account was hacked.  But, yeah, *still*
> > not secure enough.
>
> Actually, he didn’t hack its records either.  He exploited a bug in BIND.

And your evidence for that is what?  Feel free to send to
security-officer () isc org.

Mark
 
> > George William Herbert
> > Sent from my iPhone
> >
> > > On Nov 24, 2014, at 2:17 PM, Randy Epstein <nanog () hostleasing net>
> > > wrote:
> > >
> > > > On 11/24/14, 5:08 PM, "Michael T. Voity" <mvoity () uvm edu> wrote:
> > > >
> > > > I hate to say this, But I think that Network Operators have not see
> the
> > > > last of of this DNS Hijacking. Craigslist might have been a test to
> see
> > > > how far they could get and how long it would take for it to be
> > > > discovered.   I hope the FBI and the other Federal agencies out there
> > > > are involved with Craigslist to determine how this happened and put in
> > > > safeguards in place to help prevent this from happening again.
> > > >
> > > > -Mike
> > > >
> > > > Michael T. Voity
> > > > Network Engineer
> > > > University of Vermont
> > >
> > > Anyone heard from Eugene Kashpureff lately?
> > >
> > > Hello 1996.  :)

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org