On Thu, 1 Jun 2000, Joe Baptista wrote:
>
> ---------- Forwarded message ----------
> Date: Thu, 1 Jun 2000 14:49:00 -0400
> From: Ron Bennett <bennett@WYOMISSING.COM>
> To: DOMAIN-POLICY@LISTS.INTERNIC.NET
> Subject: Re: Network Solutions - ATTENTION - what's happening with this?
>
> NO!! it's not the same usual MAIL-FROM security hole.
>
> In fact what the guy did was switch web.net to OpenSRS
> and then changed the Registrant. There needs to be a
> CENTRAL database of Registrants pronto! My greatest
> fears seem to be coming true just as I sadly expected :-(
>From the information I have been able to ascertain, what happened was that
the 'squatter' used NSI's MAIL-FROM auth scheme to change the contact
information for the Admin Contact of web.net to an email address he
controlled, he then initiated the transfer to OpenSRS, authorizing it with
the email address he controlled. This may have been an attempt to 'cover
his tracks'.
So from OpenSRS's perspective, we did everything just as we were supposed
to.
-- [ Frank Lemire ] [ OpenSRS Technical Operations ]
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:37 EDT