Slashdot Mirror

← Back to Stories (view on slashdot.org)

Register your own .mil Domain

Posted by CmdrTaco on from the someone-should-register-paper.mil dept.

JWSmythe writes " As reported in This Story at theregister.co.uk ,and on dailyrotten.com, it seems the US Department of Defense has dropped the ball. Not only can you register a .mil domain, but you can find "secret" domains that aren't publically known (the gov't uses security through obscurity?). I'm looking forward to hacker.mil, warez.mil, and porn.mil."

12 of 311 comments (clear)

  1. The Register story is two days old. by More+Karma+Than+God · · Score: 5, Insightful

    Why is this just hitting Slashdot now?

    As far as I know The Register broke the story, and nobody else has cited information that wasn't in The Register's article.

    Does anyone have a screenshot of this site?

    --
    Go here to create your own Slashdot dis
  2. I pitty the poor idiot who actually uses that ! by red-beard's · · Score: 3, Insightful

    Whoever is stupid enough to screw with the DOD is on their own . I remeber the letter of the cyber terrorism bill all too clearly . They'll be bustin down your front door and haulin you away like you are illian(sp?) gonzales on crack . Oh an mind you once they have you your rights are revoked as you are a terrorist . Boy after this incident I'll be watching as i drive through washington dc for a line of the idiots heads who tried out this vulnerability on pikes per Rumsfields orders .This is a bad time to be poking at americas security . Kinda like throwing rocks at a rabid junkyard dog while sittin in his dog house .

  3. ya, but is it worth the risk? by LinuxPunk · · Score: 2, Insightful

    Unless your good at covering your tracks, and use lotsa proxy servers in the process, is it really worth the risk of going to jail for 5+ years for unauthorized use of a military computer system to register a domain name??

    BTW, this story is old, i read it yesterday. :P, and yes i do know the URL for registering these domains, even though it doesnt say in the article.

  4. Gives new meaning to... by madgeorge · · Score: 2, Insightful
    Total Information Awareness, now doesn't it?

    -madgeorge

  5. I'm not so sure about this. by Eideteker · · Score: 1, Insightful

    Do you think it could be a trap? Given the gov't's of-late interest in total information, they just got a whole list of names for their file.

    --
    sic
  6. Re:41 minutes... by Anonymous Coward · · Score: 2, Insightful

    For posting directions to a publicly available, unprotected resource?

    None whatsoever of course!

  7. Re:Aaahh by skermit · · Score: 2, Insightful

    HO-LY CRAP

    "Delete an existing host"???

    Some 14-year-old is going to get arrested for taking down af.mil, army.mil, navy.mil, ad nauseum ad infinitum...

    Geez. Shouldn't Homeland Security be bitchslapping our own agencies around as well as chasing bad guys?

    --
    -Christopher Wu
    http://www.christopherwu.net/
  8. Don't do it... by fmaxwell · · Score: 4, Insightful

    I went to that link and it requires that you indicate a sponsoring agency. Since none of us have one, registering a domain would require entering false information into a DoD computer in order to gain unauthorized access. That is just a very bad idea.

    While it might be funny to register al-qaeda.mil, grain.mil, or saddam.mil, you don't want to find yourself occupying Kevin Mitnick's old cell. The Department of Defense is not renowned for their lighthearted sense of humor and fun. They may very well decide to make an example of someone. Or they might just decide to hold someone for months or years prior to even filing charges.

    It's not worth risking your freedom and your future livelihood for a prank.

    1. Re:Don't do it... by fmaxwell · · Score: 2, Insightful

      If they are going to punish someone, it should be the .mil nic admins.

      An interesting theory, but not one that is likely to prevail in court. While there is no clear law against making an insecure web site, there are laws against "computer fraud and abuse."

  9. Re:Patriotic Honeypots by Midnight+Thunder · · Score: 2, Insightful

    How long til the .mil and the .gov and the rest realise that spoofed sites like these could be a fantastic tool in capturing possible IPs of those stupid enough to actually try to use them.

    If the posts, here on /., are anything to go by, then they will probably end up having range of IP addresses covering the globe, which would probably be a waste of resources trying to see who these people are. A would guess the larger percentage of crackers are akin to the person who tries to get two papers instead of one, from those vending machines, because they are curious to see if it is that easy.

    --
    Jumpstart the tartan drive.
  10. Smart move by Ungrounded+Lightning · · Score: 3, Insightful

    No, I didn't go poking around.

    Smart move.

    Can you say "honeypot"? I KNEW you could.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  11. Re:Hmm.... by Cramer · · Score: 2, Insightful

    And just how does that differ from the way InterNIC used to manage domains? (Answer: it doesn't)

    Obviously, no one read the part about an email address within NIPRnet. If you have an email address within NIPRnet, then you work for the DoD. It's not like someone can use foo@bar.com to register dozens of domains.

    And an other thing, all the web engine does is fillout the templates that have been available via ftp for years.

    (I'm assuming Google has already removed the reffered to pages from the cache.)