Craigslist hacked?

Mark Andrews marka at isc.org
Tue Nov 25 01:00:05 UTC 2014


In message <FDF98A3E-6BDC-4D85-8826-B3B8DC6EC725 at gmail.com>, George Herbert writes:
> > On Nov 24, 2014, at 4:18 PM, Randy Epstein <nanog at hostleasing.net>
> wrote:
> >
> > Actually, he didn’t hack its records either.  He exploited a bug in
> BIND.
>
>
> ...returned a legit response plus a tacked-on glue record for
> www.internic.net anytime you queried his nameserver, which he tricked
> people into doing with mixtures of sending you mail, hitting open DNS
> servers with queries for his domain, and another thing I still don't want
> to talk about.
>
>
> Paul was more widely quoted and knew his BIND vulnerability better; he
> can always out-pedant me on this one.

More a protocol bug which lead to DNSSEC, which allows you to accept
a answer from anywhere so long as it is signed and validates as
secure, which most of you have yet to deploy.

> I did get a few press quotes, though.
>
> Your fu is weak, Randyhopper.  Train harder!   ;-)
>
> George William Herbert
> Sent from my iPhone

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the NANOG mailing list