Re: "Domain Names Hijacked" news article

From: David Gregg (dgregg@dgsoft.com)
Date: Thu Jun 01 2000 - 16:05:25 EDT

Next message: James H. Cloos Jr.: "Re: Doing a Whois on a DNS host?"
Previous message: Frank Lemire: "Re: Network Solutions - ATTENTION - what's happening with this? (fwd)"
Maybe in reply to: John MacLeod: ""Domain Names Hijacked" news article"
Next in thread: Lance Woodson: "Re: "Domain Names Hijacked" news article"
Reply: Lance Woodson: "Re: "Domain Names Hijacked" news article"
Reply: William X. Walsh: "Re[2]: "Domain Names Hijacked" news article"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Actually, many months ago, NSI did send out warnings regarding domain
records and mail-from issues. They recommended that the domain owners
change from mail-from immediately because it is possible to forge the email
addresses.

-----Original Message-----
From: Todd Ashworth <admin@quickdesigns.com>
To: discuss-list@opensrs.org <discuss-list@opensrs.org>
Date: Thursday, June 01, 2000 1:00 PM
Subject: Re: "Domain Names Hijacked" news article

>Yeah .. just one more example of NSI's unwillingness to get off their butts
>and do anything. This has been a problem for quite a while now. I first
>became aware of it about 8 months ago. NSI has known about it for a good
>while too .. at least those 8 months, probably longer. Do they fix it?
No!
>Do they bother to warn anyone about it? No! That's one of the many reasons
>I abandoned them altogether.
>
>I still have a few domains with them and if I weren't afraid they would
>screw it up, I would transfer them to another registrar. I at least
changed
>my authentication scheme from E-mail to password, which supposedly fixes
the
>problem. It's very simple .. you would think NSI would warn people .. ya
>know?
>
>I'm just waiting for the day when some smart@$$ goes and finds a very high
>profile name that they can steal. Then I'll laugh as NSI gets slapped with
>a lawsuit for negligence. They probably have one of those super nifty
>clauses that says they aren't responsible for anything that ever did or
ever
>will happen even if they do it on purpose, but that never stopped anyone
>from getting sued ;)
>
>Considering that the 'exploit' is centered around forged E-mail requests to
>make the changes and the way NSI's system handles those E-mails, I would
>assume that the problem is specific to them and does not affect any OpenSRS
>registrars ... right?
>
>Todd
>
>----- Original Message -----
>From: "John MacLeod" <john@macleodweb.com>
>To: <discuss-list@opensrs.org>
>Sent: Thursday, June 01, 2000 1:41 PM
>Subject: "Domain Names Hijacked" news article
>
>
>| Check out this article "Domain names hijacked in brazen new Net scam" in
>| todays' (June 1, 2000) Toronto Star...
>|
>|
>http://www.thestar.com/thestar/editorial/updates/business/20000601NEW01d_CI
-
>| DOMAIN1.html
>|
>| This can't be good for anybody. Any comments...
>|
>| John MacLeod
>| john@macleodweb.com
>|
>|
>
>

Next message: James H. Cloos Jr.: "Re: Doing a Whois on a DNS host?"
Previous message: Frank Lemire: "Re: Network Solutions - ATTENTION - what's happening with this? (fwd)"
Maybe in reply to: John MacLeod: ""Domain Names Hijacked" news article"
Next in thread: Lance Woodson: "Re: "Domain Names Hijacked" news article"
Reply: Lance Woodson: "Re: "Domain Names Hijacked" news article"
Reply: William X. Walsh: "Re[2]: "Domain Names Hijacked" news article"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:37 EDT