Craigslist hacked?

• Previous message (by thread): Craigslist hacked?
• Next message (by thread): Craigslist hacked?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Nov 24, 2014, at 4:18 PM, Randy Epstein <nanog at hostleasing.net> wrote:
> 
> Actually, he didn’t hack its records either.  He exploited a bug in BIND.


...returned a legit response plus a tacked-on glue record for www.internic.net anytime you queried his nameserver, which he tricked people into doing with mixtures of sending you mail, hitting open DNS servers with queries for his domain, and another thing I still don't want to talk about.


Paul was more widely quoted and knew his BIND vulnerability better; he can always out-pedant me on this one.

I did get a few press quotes, though.

Your fu is weak, Randyhopper.  Train harder!   ;-)

George William Herbert
Sent from my iPhone

• Previous message (by thread): Craigslist hacked?
• Next message (by thread): Craigslist hacked?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]