Domain hijacking, InterNIC loopholes

Rishab Aiyer Ghosh rishab at best.com
Fri Feb 2 08:37:26 PST 1996


David Mazieres wrote:
> How can you say there are no routers?  The verification process is a
> confirmation E-mail message.  To intercept this you must compromise a
> router, a nameserver, or the host on which the domain administrator
> reads mail.  Since there often are multiple domain administrators
> on different networks, I stand my my statement that it would require
> multiple active attacks, etc.

The confirmation message is sent to the address
requesting an update. This could be anyone. To take
a real example, my dxm.org domain was modified by
hostmaster at best.com - neither the existing admins,
nor root at dxm.org received any confirmation, as the request
was sent from another address. The InterNIC does NOT
require domain update requests to be sent by admins - 
that is, in fact, the simplest level of authentication
that will be introduced by the InterNIC Guardian Object.

Rishab






More information about the cypherpunks-legacy mailing list