|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: The out-of-domain NS registration attack
From: David Terrell (dbt
MEAT.NET)Date: Tue Mar 14 2000 - 20:08:49 CST
- Next message: Chris Brenton: "Re: Our old friend Firewall-1"
- Previous message: Darren Reed: "Re: Update: Extending the FTP "ALG" vulnerability to any FTP client"
- In reply to: D. J. Bernstein: "The out-of-domain NS registration attack"
- Next in thread: Sanford Whiteman: "Re: The out-of-domain NS registration attack"
- Reply: David Terrell: "Re: The out-of-domain NS registration attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Mar 14, 2000 at 01:45:12AM -0000, D. J. Bernstein wrote:
> The attacker then registers a new domain with NSI, using ns1.jsnet.com
> as the domain's server name, but his own IP address for ns1.jsnet.com:
>
> zerosecurity.com NS ns1.jsnet.com
> ns1.jsnet.com A 5.6.7.8
Have you verified this is possible? The last time I checked, NSI
would only allow new host registration from the appropriate contact
of the domain the host is in.
-- David Terrell | p = "you are nasty" q = "my first name is Janet" Nebcorp PM | r = "my first name is baby" s = "My name is Miss Jackson" dbt
- Next message: Chris Brenton: "Re: Our old friend Firewall-1"
- Previous message: Darren Reed: "Re: Update: Extending the FTP "ALG" vulnerability to any FTP client"
- In reply to: D. J. Bernstein: "The out-of-domain NS registration attack"
- Next in thread: Sanford Whiteman: "Re: The out-of-domain NS registration attack"
- Reply: David Terrell: "Re: The out-of-domain NS registration attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]