Slashdot Mirror


Identity Theft Hits the Root Name Servers

aos101 writes "The Renesys blog has an interesting story about networks advertising the old address space of the L root name server after ICANN changed the IP address last November. These networks were also running root name servers on the old IP address of the L root name server up until last week, so any DNS servers still using the old IP address might have been getting their answers from these bogus name servers. A very cursory examination by Renesys of one of these bogus servers found that it appeared to be providing correct responses, which might be why no one noticed the problem. As Renesys points out, the volume of traffic to a root server is staggering, so the people running these bogus root servers must have had a reason. What did they get out of it?"

4 of 131 comments

  1. What did they get out of it? Easy....root access! by Anonymous Coward · Score: 2, Funny

    Thank you, thank you!!! I'll get my coat... ;-)

  2. Re:statistics? profiling? by Thanshin · Score: 4, Funny

    Khunting?

    (flem, 'a', 'n'...)

  3. Re:Make sure you are up to date! by stoborrobots · Score: 2, Funny

    Cool, then we are in agreement. :) Cron is really the way to go.

  4. Re:This is the perfect Man In The Middle attack by Anonymous Coward · Score: 1, Funny

    Assuming your bank didn't use Debian or a derivative to generate their SSL key, then banking, etc. should be fine...