Craigslist hacked?

Mark Andrews marka at isc.org
Tue Nov 25 00:51:23 UTC 2014


In message <D09934E0.BE620%nanog at hostleasing.net>, Randy Epstein writes:
> On 11/24/14, 7:16 PM, "George Herbert" <george.herbert at gmail.com> wrote:
>
> >
> >He didn't hack the registry, he hijacked its records.  And this is far
> >from the first time a registry account was hacked.  But, yeah, *still*
> >not secure enough.
>
> Actually, he didn’t hack its records either.  He exploited a bug in BIND.

And your evidence for that is what?  Feel free to send to
security-officer at isc.org.

Mark
 
> >George William Herbert
> >Sent from my iPhone
> >
> >> On Nov 24, 2014, at 2:17 PM, Randy Epstein <nanog at hostleasing.net>
> >>wrote:
> >>
> >>> On 11/24/14, 5:08 PM, "Michael T. Voity" <mvoity at uvm.edu> wrote:
> >>>
> >>> I hate to say this, But I think that Network Operators have not see
> the
> >>> last of of this DNS Hijacking. Craigslist might have been a test to
> see
> >>> how far they could get and how long it would take for it to be
> >>> discovered.   I hope the FBI and the other Federal agencies out there
> >>> are involved with Craigslist to determine how this happened and put in
> >>> safeguards in place to help prevent this from happening again.
> >>>
> >>> -Mike
> >>>
> >>> Michael T. Voity
> >>> Network Engineer
> >>> University of Vermont
> >>
> >> Anyone heard from Eugene Kashpureff lately?
> >>
> >> Hello 1996.  :)
> >>
> >>
>
>

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the NANOG mailing list