1996-02-02 - Re: Domain hijacking, InterNIC loopholes

Header Data

From: Rishab Aiyer Ghosh <rishab@best.com>
To: dm@amsterdam.lcs.mit.edu (David Mazieres)
Message Hash: 6b3fb9ed7574c5ab7a78451c782dead537afdcb4c8dded0814f25de63b99174c
Message ID: <199602021556.HAA27293@shellx.best.com>
Reply To: <199602011934.OAA23195@amsterdam.lcs.mit.edu>
UTC Datetime: 1996-02-02 16:37:26 UTC
Raw Date: Sat, 3 Feb 1996 00:37:26 +0800

Raw message

From: Rishab Aiyer Ghosh <rishab@best.com>
Date: Sat, 3 Feb 1996 00:37:26 +0800
To: dm@amsterdam.lcs.mit.edu (David Mazieres)
Subject: Re: Domain hijacking, InterNIC loopholes
In-Reply-To: <199602011934.OAA23195@amsterdam.lcs.mit.edu>
Message-ID: <199602021556.HAA27293@shellx.best.com>
MIME-Version: 1.0
Content-Type: text/plain


David Mazieres wrote:
> How can you say there are no routers?  The verification process is a
> confirmation E-mail message.  To intercept this you must compromise a
> router, a nameserver, or the host on which the domain administrator
> reads mail.  Since there often are multiple domain administrators
> on different networks, I stand by my statement that it would require
> multiple active attacks, etc.

The confirmation message is sent to the address
requesting an update. This could be anyone. To take
a real example, my dxm.org domain was modified by
hostmaster@best.com - neither the existing admins,
nor root@dxm.org received any confirmation, as the request
was sent from another address. The InterNIC does NOT
require domain update requests to be sent by admins - 
that is, in fact, the simplest level of authentication
that will be introduced by the InterNIC Guardian Object.

Rishab
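
The update flow described in this message, modelled as an added example; it is not part of the original post and is not InterNIC's software. The policy names, the record layout and the admin@example.net contact are assumptions made for illustration. The "listed-sender" policy goes beyond the message by also mailing every registered contact.

```python
from email.utils import parseaddr

# Constructed registry record. dxm.org and root@dxm.org come from the message;
# admin@example.net is a placeholder for an existing admin contact.
RECORD = {"domain": "dxm.org", "contacts": {"admin@example.net", "root@dxm.org"}}


def sender_address(from_header):
    """Bare, lower-cased address from a From: header value."""
    return parseaddr(from_header)[1].lower()


def process_update(record, from_header, policy):
    """Decide who is mailed about an update request and whether it can proceed.

    Policy names are hypothetical labels:
      "requester-only": confirmation goes to the requesting address (as described)
      "listed-sender":  request must come from a registered contact, and every
                        registered contact is mailed about every request
    """
    sender = sender_address(from_header)
    contacts = set(record["contacts"])
    if policy == "requester-only":
        return {"proceeds": True, "notified": {sender}}
    if policy == "listed-sender":
        # From: is unauthenticated, so this is only the sender-address level of
        # checking; mailing all contacts is what lets owners notice a request.
        return {"proceeds": sender in contacts, "notified": contacts}
    raise ValueError(f"unknown policy: {policy}")


def owners_unaware(record, result):
    """True when no registered contact receives any mail about the request."""
    return not (set(record["contacts"]) & result["notified"])


if __name__ == "__main__":
    request_from = "Hostmaster <hostmaster@best.com>"  # requester named in the message
    for policy in ("requester-only", "listed-sender"):
        result = process_update(RECORD, request_from, policy)
        print(policy, result["proceeds"], sorted(result["notified"]),
              "owners unaware:", owners_unaware(RECORD, result))
```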
