all your .gov netadmins are belong to us

Major Variola (ret) mv at cdc.gov
Sat Sep 21 16:20:24 PDT 2002


Wouldn't it be cool if a paki gunman shows up at a .gov NOC, just like
he did at the CIA some years back?

http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanR.db&command=viewone&id=122&op=t

    VeriSign Inc has stopped providing access to information about the
    .gov internet domain, which is restricted to US government bodies,
    over concerns the data could be used in planning internet attacks,
    ComputerWire has learned. On September 16, the company posted a
    notice on its web site saying that from September 13 (three days
    earlier) it would no longer provide FTP access to the so-called
    "zone file" for .gov, which contains the IP addresses of all the
    name servers that point to .gov domains. Ken Silva, VeriSign's
    director of networks and security, told ComputerWire the company
    had removed access to information "of potential value to hackers",
    and that the decision was made "in conjunction with" the General
    Services Administration, which administers the .gov zone file.

    Silva pointed out that while VeriSign manages the .com, .org and
    .net zone files, and continues to make those available to those
    willing to enter a no-cost agreement with the company, it does not
    run .gov, and merely made the data available as a free
    informational service. Malicious hackers wanting to take down
    government web sites would hypothetically be able to do so by
    denial-of-service attacking the name servers associated with .gov
    domains. It was not immediately clear if the .gov zone file data is
    made available in bulk from other sources, but the GSA does not
    seem to do so. Also removed from the FTP site was the zone file for
    in-addr.arpa, which is used for reverse-DNS lookups (when somebody
    wants to find out what domain is associated with an IP address,
    rather than the other way around)

    It seems so logical to take that .gov WHOIS info offline that you
    have to wonder why it wasn't done last year. After all, who really
    needs to do WHOIS look ups on government sites except hackers, mail
    spammers that are harvesting government email addresses and fearful
    folks who like checking where the IP's of mysterious visitors to
    their web sites originate from... I wonder whether the same will be
    done for the .edu and .mil which also are prime targets..




