Domain: nic.mil
Stories and comments across the archive that link to nic.mil.
Comments · 20
-
Re:Aaahh
For those without email they recomend that you use this template
-
Good Citizen
I spoke to a lady at the NIC Help Desk (linked from here). She gave me the number for the security response team; I contacted them.
A lady answered the phone and told me that they were aware of the problem and looking into it.
Jouster -
Re:Link to .mil Registry
Why not?
That site has some great RFC particularly RFC2901
that is an RFC rthat should be read by every person who wnts to set up a large network.
It seems as if there looking for comments on them. -
AND!!!They even give you instructions *and* a sample form to follow! How convinient.
-
Just call 'em up!
-
Suggested sites don't have 'default password'
The article mentions that "
...default passwords are cheerfully provided on the page."None of the sites suggested so far afaics have this. I went as far as I could on nic.mil without having a
.mil email address, but as has been usggested here, that application is then obviously read by someone, and has the security check of requiring a .mil email address. Or has the page been fixed since the article was posted?Also "
...an equally unprotected (and Google-cached) admin interface encouraging us to add a new user, like ourselves, say, which requires no authentication."This sounds like the sites.defenselink.mil one:
http://216.239.57.100/search?q=cache:sites.defens
e link.mil/servlet/DataEntry/adduser&hl=en&lr=&ie=UT F-8&sa=N&tab=gw Anonymous CowardBTW nic.mil has a 'disclaimer' on the base url which says use of you page constitutes assent to being monitored. It doesn't limit the extent of monitoring. So here is my reply to them,
a) No it doesn't. You may be monitoring, but you have not got assent.
b) The warning only appears on one page! I only checked that page, last of all, by luck! Most users will never know that you assume that they assent to your monitoring.
c) The page is on a public network - your 'monitoring' better not consist of anything more than a logfile entry with an incoming IP, hostname and time.
My posting of this comment constitutes legal grounds for a lawsuit in excess of $1billion dollars should US DoD infringe the liberties of myself or anyone I know or meet. Since you don't know who I am, anyone can claim that they posted this article and claim the $1b. Nyer nyer. This is not satire, it is law. -
Since Slashdot if a Pussy-land...
I did the process at the
.mil NIC site.After you fill all the forms, there's:
PAY ATTENTION!
This online program makes no changes to the WHOIS database.
The scope of this online program is to send the template to the e-mail address entered in the field below.
Once you receive the completed template, you must forward it to the appropriate point of contact for action.
The NIC will not process any templates until it receives this template (by email) from the domain administrator or service PMO.
So you are essentially filling a template, which you can do by hand as well, following the instructions here.
It lets you retrieve POC by a handle though. I don't know the access level of this information in USA, but this is quite odd, since it seems that the handles are assigned by initials, and are of progressively increasing length.
I also wonder where does this interface gets that data from... There's a DB somewhere, and it can be probably hacked via this interface.
-
Since Slashdot if a Pussy-land...
I did the process at the
.mil NIC site.After you fill all the forms, there's:
PAY ATTENTION!
This online program makes no changes to the WHOIS database.
The scope of this online program is to send the template to the e-mail address entered in the field below.
Once you receive the completed template, you must forward it to the appropriate point of contact for action.
The NIC will not process any templates until it receives this template (by email) from the domain administrator or service PMO.
So you are essentially filling a template, which you can do by hand as well, following the instructions here.
It lets you retrieve POC by a handle though. I don't know the access level of this information in USA, but this is quite odd, since it seems that the handles are assigned by initials, and are of progressively increasing length.
I also wonder where does this interface gets that data from... There's a DB somewhere, and it can be probably hacked via this interface.
-
admin page
admin page at nic.mil is here. have fun.
-
Re:Hmm....
Dunno but you can do it for him:
nic.mil/cgi-bin/domain -
Re:Aaahh
Wow, I didn't believe it was there!
I found references to http://www.nic.mil/cgi-bin/whois on google. I was debating on trying /admin and etc instead, but didn't :)
Instead, I searched for
admin http://www.nic.mil
on Google, to verify the news. I ended up clicking on a web site that shows beginning web masters useful resources.
From there, I went to the site one level above, and from there clicked a link to view a document about standard run of the mill no big whoop procedures about webmastering (pretty useful if you want to be a contractor or write software and have it comply, I assume.)
BTW the security notice on this document is a link to army.mil's privacy policy, which says:
Information presented on Army Home Page is considered public information and may be distributed or copied unless otherwise specified. Use of appropriate byline/photo/image credits is requested.
Anyway, on this document I was just describing, click the second link to the defenselink webmasters area.
There (which is also public according to their stated policy) you can click on "Domain Registration in the .mil domain" and see this
http://www.nic.mil/ftp/mgt/bul-9605.txt
These are just public info resources. army.mil's security policy says if you try to upload or change stuff, that's what they care about. -
hmm
I also found this
-
Re:Aaahh
This too, for reserving your very own netblock.
-
Re:AaahhAnd this is the domain registration link.
Won't work without a
.mil email address, though. -
Aaahh
-
Aaahh
-
Link to .mil Registry
http://www.nic.mil/dodnic. No, I didn't go poking around. If you've got bigger balls than I, perhaps you can link to the supposed admin area...
-
.us hierarchy>The only two which come to mind as not being
>a mess should really be the second level
>domains .mil.us and .gov.usJust to mention, it's
.gov and .mil, top level domains in their own right, not .gov.us and .mil.us-- the second-level domains under .us are state abbreviations (.mn.us, for example).M
-
There already are multiple root nameservers
In fact, there are many root nameservers; one for each country out there (.de,
.uk, .ie, .au, etc) and the US government and military do their own thing too.
http://nic.gov
http://nic.mil
I'm assuming that either NSI points requests to them, or local nameservers know to ask them (based on the top-level of the request). So this kind of this is already happening, it's just that alternic.org is not in the 'official list' or whatever. Maybe ICANN has something to do with it. -
A New Domain OrderYou are proposing a whole new trademark registry, besides those already existing in most countries. While this may be a good idea in itself, it does very little to solve the problem at hand, that of making lawyers and legislators understand that the DNS goes beyond mere commercial marketing. Giving them an entire TLD to play with could even be seen as admission on your (our) part that trademarks do have a place in the namespace.
In my opinion, if trademarks belong in the DNS at all, it's within the domains of those government agencies registering them in the first place. Thus, the U.S. PTO could set up TM.USPTO.GOV as a placeholder for all trademarks registered there, and it would be up to them to devise a naming scheme that would allow every registered trademark to map to a valid and unique subdomain name. I wish them good luck with pictorial trademarks.
As for non-registered trademarks, establishing a registry in the form of a domain name (whether TLD or any other domain) kind of contradicts the idea of allowing non-registered trademarks in the first place.
We don't have to wait for the WIPO or any court to rule that the DNS should accomodate their view on trademarks before we set up a new system. In fact, we are well-advised to make preparations in advance, setting up an organization, devising new rules, and decide how to make an emergency transition in case a legal warhead happens to hit the present InterNIC. I suppose you don't need government authorization to join others in building a bomb shelter or stockpiling canned food?
Don't repeat AlterNIC's mistake however, that of polluting the existing namespace in order to seize control of InterNIC's web address (according to what I've heard, the guy behind AlterNIC ended up in jail for that, thanks to the InterNIC having high-ranking friends not wanting to see the integrity of
.MIL being corrupted in that or any other way).If anybody wants to test an alternate domain hierarchy, keep it well away from the current one. That goes for intellectual property lawyers too.