A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Feb 25, 2019, at 09:25 , Paul Ebersman <list-nanog2 at dragon.net> wrote:
> 
> ebersman> If someone owns your registry account, you're screwed. And
> ebersman> right now, it tends to be the most neglected part of the
> ebersman> entire zone ownership world. Let's use this opportunity to
> ebersman> help folks lock down their accounts, not muddying the waters
> ebersman> with dubious claims.
> 
> Reread this and felt I should clarify that I realize that John and Doug
> are not the ones saying DNSSEC is useless. I just hate to see the knee
> jerk "oh, see, DNSSEC didn't save the day so it's obviously
> useless". Let's give the world a better explanation.

@Paul — I think you meant “registrar account” rather than “registry account”
since most domain holders don’t have registry accounts. Registry accounts are
primarily held by registrars. If someone owns a registrar’s registry account, then
all of their customers (and potentially many many others) are screwed.

Owen

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]