domain hijacking - what do you do to prepared?

Gadi Evron ge at
Mon Jan 17 00:24:14 UTC 2005

Until today, I considered this to be a real and relevant threat, 
although rather low in my matrix.

As someone I know said today, now that kiddies saw how much "fun" this 
is, I am sure they will attempt this again.

The question that comes to mind is - what do you do to be prepared?

I suppose that other than setting registrar lock in place, there is 
another thing one can do.


Whether it's checking the expiration date for your domain, establishing 
contact with your up-in-line authority - registrar, tld, etc. depending 
on who you are.
Having the relevant contact information at hand, establishing a set 
policy on how to handle such an incident and who to contact, bugging 
your next-in-chain about setting a policy on this with you, as well as 
setting such a policy for those who are slaves to you.

That said, all that is left now is to see how this happened (so that it 
won't happen again - just killing a fire doesn't mean it won't be 
re-ignited) and perhaps think a bit on how we do things - which I am 
sure many will now do.

Maybe this can be another discussion issue for the next NANOG 
get-together as well?


More information about the NANOG mailing list