nanog mailing list archives
Re: A Deep Dive on the Recent Widespread DNS Hijacking
From: Owen DeLong <owen () delong com>
Date: Mon, 25 Feb 2019 10:44:59 -0800
On Feb 25, 2019, at 09:25 , Paul Ebersman <list-nanog2 () dragon net> wrote: ebersman> If someone owns your registry account, you're screwed. And ebersman> right now, it tends to be the most neglected part of the ebersman> entire zone ownership world. Let's use this opportunity to ebersman> help folks lock down their accounts, not muddying the waters ebersman> with dubious claims. Reread this and felt I should clarify that I realize that John and Doug are not the ones saying DNSSEC is useless. I just hate to see the knee jerk "oh, see, DNSSEC didn't save the day so it's obviously useless". Let's give the world a better explanation.
@Paul — I think you meant “registrar account” rather than “registry account” since most domain holders don’t have registry accounts. Registry accounts are primarily held by registrars. If someone owns a registrar’s registry account, then all of their customers (and potentially many many others) are screwed. Owen
Current thread:
- RE: A Deep Dive on the Recent Widespread DNS Hijacking Montgomery, Douglas (Fed) via NANOG (Feb 24)
- RE: A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Montgomery, Douglas (Fed) (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Ca By (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Mark Andrews (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Töma Gavrichenkov (Feb 24)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Sander Steffann (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Owen DeLong (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking valdis . kletnieks (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Eric Kuhnke (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 25)
- Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Rubens Kuhl (Feb 25)
- RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 25)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Montgomery, Douglas (Fed) (Feb 24)
- RE: A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 24)