Networking The Internet

ICANN Loses Control of Its Own Domain Names

NotNormallyNormal writes "CBC picked up an AP story about ICANN recently losing control over two of their domain names on Thursday, June 26. A domain registrar run by the group transferred the domains to someone else. ICANN's press release had this to say: 'As has been widely reported, a number of domain names, including icann.com and iana.com were recently redirected to different DNS servers, allowing a group to provide visitors to those domains with their own website. It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused.' Comcast has had similar troubles lately as well."
  • Sophisticated ? (Score:5, Informative)

    by stephanruby ( 542433 ) on Saturday July 05, 2008 @05:21AM (#24064811)
    It's obvious [dnsstuff.com] they didn't follow their own rules by providing valid whois contact information [icann.org].
  • by jabley ( 100482 ) on Saturday July 05, 2008 @10:23AM (#24065779) Homepage

    The major TLDs (.com, .net, etc.) are relatively safe, since any changes would likely be difficult to get through - with any changes quickly noticed ... as in within minutes, or even seconds; likely wouldn't even be that effective, since the most popular TLDs' zone DNS entries are heavily cached.

    However, ccTLDs are a different story completely, since ccTLD zone name server changes are more common and thus such change requests would be far less scrutinized.

    I've never heard of any TLD being hijacked, but it could likely be easily done, since the social engineering involved would be very similar.

    Changes to TLD nameservers need to pass human inspection at the IANA, human inspection at the US Department of Commerce, and human inspection at Verisign (who provide maintenance for the root zone). This is in stark contrast to the largely mechanical process by which domains in gTLD and ccTLD registries are modified.

    Requests to change entire NS sets (as opposed to simply dropping a couple and adding a couple of other nameservers) are typically stalled early in the process while the IANA requests justification for why the entire set is being changed at once.

    Hijacking a TLD would require a lot more social engineering than your note suggests.
