Hmmm...but what do you do when you fire the guy that has the combination of
the safe in his head?
Rich Shockney
RS Marketing
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steve Poirier
Sent: Tuesday, August 14, 2001 7:32 PM
To: Derek Balling
Cc: [EMAIL PROTECTED]
Subject: Re: [RE: Transfer Fraud: Who are these losers!!!!]
Managers are responsible for employees. It should never happen that only one
person has the password. Keep them in a safe or anywhere but not just in the
head of a net admin. If you lose your password because you fire the guy who
is the password guru, then you have serious management flaws and
$BIG_COMPANY = 0;
Regards,
Steve
----- Original Message -----
From: "Derek Balling" <[EMAIL PROTECTED]>
To: "Ross Wm. Rader" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, August 14, 2001 7:54 PM
Subject: Re: [RE: Transfer Fraud: Who are these losers!!!!]
BIG_COMPANY fires me during YAMROL[1]
$BIG_COMPANY now needs to move their nameservers to new IP's, or
perform some other maintenance on their domain.
Is it accurate to say that $BIG_COMPANY, even though they're listed
as the owner, has absolutely no way short of a court order of getting
it done?
I'm not passing judgement here, I'm just noting that what's being
described above is VERY tight security, and I'm not sure it is all
that practical in all cases. It's cool that the "fake fax" won't get
a xfer moved, but at what cost? *chuckle*
I guess I'm asking "how firm IS that position?"
__
Steve Poirier
Project manager
Inet-Technologies inc.
----- Original Message -----
From: "Derek Balling" <[EMAIL PROTECTED]>
To: "Ross Wm. Rader" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, August 14, 2001 7:54 PM
Subject: Re: [RE: Transfer Fraud: Who are these losers!!!!]
> At 7:25 PM -0400 8/14/01, Ross Wm. Rader wrote:
> > > > Personally, it doesn't really matter if people are trying to steal
my
> >> > domains... just be thankful you're not with NSI where it used to be
> >(still
> >> > is?) trivial to steal domains from another individual.
> >>
> >> Is it any more trivial then at OpenSRS? Just a forged fax away from
> >owning
> >> any domain you want, right?
> >
> >nope...transfer requests are only honored through the system. Registrant
> >changes only through the MWI with a valid U:P - court order or WIPO
decision
> >beyond that. There are other limited situations where we will act, but
these
> >are typically to assist a verified registrant get a name back that was
lost
> >due to insufficient process at another registrar...(ie - another
registrar
> >receives a forged fax, changes the admin contact email address and then
lets
> >the pirate registrant transfer to us...)
>
> Let me play devil's advocate for a second.
>
> I work for $BIG_COMPANY, and manage their domains. I alone know the
> username/password combo.
>
> $BIG_COMPANY fires me during YAMROL[1]
>
> $BIG_COMPANY now needs to move their nameservers to new IP's, or
> perform some other maintenance on their domain.
>
> Is it accurate to say that $BIG_COMPANY, even though they're listed
> as the owner, has absolutely no way short of a court order of getting
> it done?
>
> I'm not passing judgement here, I'm just noting that what's being
> described above is VERY tight security, and I'm not sure it is all
> that practical in all cases. It's cool that the "fake fax" won't get
> a xfer moved, but at what cost? *chuckle*
>
> I guess I'm asking "how firm IS that position?"
>
> D
>
>
> [1] Yet Another Massive Round Of Layoffs
>
> --
> +---------------------+-----------------------------------------+
> | [EMAIL PROTECTED] | "Conan! What is best in life?" |
> | Derek J. Balling | "To crush your enemies, see them |
> | | driven before you, and to hear the |
> | | lamentation of their women!" |
> +---------------------+-----------------------------------------+
>
