watch your domain

• Previous message (by thread): watch your domain
• Next message (by thread): FYI - IX-Denver Call for Volunteers (3 Board Seats up for Election)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://medium.com/@gszathmari/hacking-law-firms-abandoned-domain-name-attack-560979e0b774

tl;dr: Expired domain names re-registered by malicious actors after the
redemption period are useful for all sorts of mischief.

This is a pretty easy to understand read for non-technical management types
at customer organizations, who might not understand the importance of how a
domain name and its authoritative DNS server records are the single point
of failure under a lot of important stuff.



On Tue, Sep 4, 2018 at 11:42 AM Randy Bush <randy at psg.com> wrote:

> tl;dr: control the domains you use
>
> the domain rain.net was on since the early '90s.  it used to be the
> domain of the isp which became verio which became ntt.  lots of local
> portland folk had subdomains, email, ...
>
> well, with zero notice, ntt seems to have flogged it off to someone who
> does not give a damn, and a lot of folk's email and so forth is dead
> dead dead.  packets and smtp falling on the floor.
>
> a friend once gave me a tee shirt which says "god helps those who own a
> majority share."  the corollary is that the goddess helps those who own,
> or otherwise control, the domains on which they rely.
>
> randy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20180905/8593d6ab/attachment.html>

• Previous message (by thread): watch your domain
• Next message (by thread): FYI - IX-Denver Call for Volunteers (3 Board Seats up for Election)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]