Tu kalau ada yang mau coba nge take over domain http://www.wired.com/news/politics/0,1283,33571,00.html [the article] Domains Hijacked from NSI by Chris Oakes Network Solutions' administrative policies are once again being blamed for Internet domain hijackings that took at least brief control over some major Web domains. Beginning Saturday, an unidentified individual began attempts, some successful, to seize control over domains including major Web hosting service Exodus, Web standards body World Wide Web Consortium and Emory University. And all the misappropriation required was a simple spoofing of email addresses. "It would appear that it is a simple domain spoof," said Network Solutions spokesman Brian O'Shaughnessy. He stressed that the registrar offers several levels of security to domain holders. A free security option uses a more elaborate authentication scheme to verify changes. "Someone commited an act of deception here and the tools have -- since 1996 -- been available to our customers to protect themselves," O'Shaughnessy said. He added that people have a wide range of attitudes toward the security they need -- just as some people are comfortable "leaving their keys in the car," O'Shaughnessy said. Some companies targeted in the attack were content enough with Network Solutions resolution of the problem after the fact. "We're working very closely with Network Solutions to determine what happened, how it happened, and [to] make sure it doesn't happen again," said Exodus spokeswoman Maureen O'Connell. She said the change affected access to the company's Web site for an unspecified period over the weekend. "It didn't affect our customers or our network," she said. "We worked with Network Solutions to get a patch in place." World Wide Web Consortium (W3C) spokeswoman Janet Daly said the organization first learned of the attempt to change the domain name for the organization from a posting at the programmer news and communications site Slashdot. "We caught the attempt earlier so it was never transferred. It would appear that the person was waiting until Network Solutions' hours for the week were done." At least one domain was substantially affected. Joe Hamelin, the Seattle-based owner of Nethead.com lost control over his domain and the low level of associated traffic to its Web site and email servers. He was unable to receive email throughout most of Saturday through Monday. Network Solutions said it couldn't provide a total number of domains affected by the hijacking, nor whether it was necessarily coordinated by one person. Calls to the phone number listed in the spoofed domain records were not returned. O'Shaughnessy explained the verification process for standard domain account changes. "An email would go back to the person who is original contact, saying 'Did you authorize the change?' The person would then authorize, yes or no." Network Solutions offers a free secure option called Guardian, an authorization and authentication scheme "that helps protect domain name records, contact records, and host records from unauthorized updates," according to O'Shaughnessy. A major hijacking occurred in July of last year, when a resident of a Chicago suburb found he was the unexpected owner of the top Web domain Excite. It was news to everyone involved and highlights the weakness of the Net's name registration system. Hamelin said the technical contact person for his domain received this very notice, and replied that the request was illegitimate. But the order not to make the change had no effect, and Hamelin lost control over his domain. Some of the victim domain holders, including W3C and Hamelin, thought it was clear the attacker tried to take advantage of the weekend, when it might be more difficult to reach Network Solutions for help. "I don't know if the weekend has anything to do with it," O'Shaughnessy said. "We have 24/7 tech support." In any case, he said, to call the incident widespread would be "histrionic." "We have 6.5 million domains. You mentioned [a few]." O'Shaughnessy pointed out that Network Solutions offers more secure services. Most accounts will not need the extra security he said, but in the age of e-commerce and more vital Web services, the onus is on the registrant to see that his domain is secure. "There are a lot of people out there who don't take advantage of [secure domain name accounts], just because they don't want to fuss with it. There are advantages to protecting themselves. We do offer them [security options]." But Hamelin said many longtime account holders may be oblivious to the options, and that he never received a notice from Network Solutions as to securing his account. Hamelin said it would be more fair if the company reviewed such requests for changes manually to prevent such spoofs. ------- AFLHI 058009990407128029/089802---(102598//991024) http://www.indolinux.com - Nikmati Layanan Personal INDOLINUX :: http://techscape.net/ - Webhosting: Dual T3 on Dual Pentium III 450Mhz Only US$1.95/month -> CGI SSL 5MB Unlimited Traffic & Mail FP2000 ------------------------------------------------------------------- untuk berhenti kirim email ke [EMAIL PROTECTED] untuk melihat peraturan kirim email ke [EMAIL PROTECTED] arsip berada di http://www.mail-archive.com/[email protected]
