I've been using pair.com (and pairnic.com) for my hosting and registration for many many years, and they've never been anything but the ideal as far as I'm concerned.
Dan On Tue, Mar 30, 2010 at 04:07, Greg London <[email protected]> wrote: > Hm, > > Can anyone recommend a good, reliable, secure, host/registrar? > Must have phone support and shouldn't be too expensive. > > Greg > > > > For those of you not on the BLU list, you might find this an interesting > > read: > > > > http://old.nabble.com/Dreamhost-account-hacked-td28062149s24859.html > > > > In brief, a directed attack using social engineering was perpetrated > > against my domain registrar, Dreamhost, and due to multiple failures on > > their part, they granted the attacker access to my account, froze me > > out, and hampered my ability to halt the attack. > > > > This started Saturday night, and by Sunday afternoon, given lax response > > from Dreamhost, the attacker had succeeded in transferring my vl.com > > domain, which is considered of high value due to being only two letters, > > to a foreign registrar located in the Bahamas. > > > > Included in my posts are laughable chat transcripts between the attacker > > and the Dreamhost support personnel, where support people were more than > > happy to update contact info, supply plain text passwords, and force > > through a domain transfer. > > > > Clearly, humans were the weakest link in this system. > > > > The good news is that the attacker never succeeded in compromising my > > email account use as the domain contact (despite a few attempts) and the > > foreign registrar has been convinced that there was enough fishy about > > the transfer to put modifications on hold. So for the time being my name > > server records are safe, and they haven't gained access to my vl.com > > email traffic. (Though I'm pretty sure they only care about the domain > > itself.) > > > > I've reported the attack to the local police and the FBI. > > > > Still tonight the attackers made attempts to reset the password on my > > Google hosted account used as the contact address for the domain. > > Undoubtedly so they can leverage it to send a forged letter to the > > foreign registrar. > > > > -Tom > > > > -- > > Tom Metro > > Venture Logic, Newton, MA, USA > > "Enterprise solutions through open source." > > Professional Profile: http://tmetro.venturelogic.com/ > > > > _______________________________________________ > > Boston-pm mailing list > > [email protected] > > http://mail.pm.org/mailman/listinfo/boston-pm > > > > > -- > > > > _______________________________________________ > Boston-pm mailing list > [email protected] > http://mail.pm.org/mailman/listinfo/boston-pm > -- Dan Boger _______________________________________________ Boston-pm mailing list [email protected] http://mail.pm.org/mailman/listinfo/boston-pm
