A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Markmonitor runs a registrar popular with fortune 500s that implements
additional security steps, and talking to a clued in live human in the loop
to modify anything in your domain record.

On Mon, Feb 25, 2019, 6:03 PM <valdis.kletnieks at vt.edu> wrote:

> On Mon, 25 Feb 2019 18:23:44 -0700, Paul Ebersman said:
>
> > Agreed. But this also gets down to the risk vs hassle tradeoff. Joe's
> > Bait & Tackle Shop probably isn't getting attacked by nation states who
> > can hack SS7, so SMS text might be good enough. And certainly better
> > than just an 8 char plain text password.
>
> So what registries/registrars are supporting 2FA that's better than SMS?
> Or since 98% of domain names are Bait&Tackle type, is nobody bothering
> to support something for the 2% that could use it?
>
> Or is there a business opportunity lurking here? :)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190225/0d832946/attachment.html>

• Previous message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]