[dns-operations] Typo in fox.com and an Akamai squatter

Edward Lewis edward.lewis at icann.org
Mon Feb 1 16:08:57 UTC 2016


On 2/1/16, 10:29, "dns-operations on behalf of Chris Adams"
<dns-operations-bounces at dns-oarc.net on behalf of cma at cmadams.net> wrote:

>A couple of Akamai-related questions:

Okay, so I am not and never have been a member of Akamai but I did work
for someone that had a similar event.

If the problem lay in the registration data, i.e., the owner of fox.com,
made a typo at their registrar and it resulted in the incorrect name being
published in the DNS, there is little the DNS hoster can do.  If the name
owner leaves a hanging name for someone else to squat on, there's simply
no automated way to prevent badness.

A DNS hoster could detect changes and ask if they made sense (that would
be asking a lot) but in the case I was privy too, the changes weren't made
in the hoster, they were made in a location far removed - the registrar.

I don't know if Akamai is a registrar, if they are, if they are a
registrar for fox.com.  (WhoIs says fox.com is registered via
MarkMonitor.)  I am assuming they are not.  Again, in the instance I saw,
we were not a registrar even though we were a registry for a few TLDs.

Only the domain name owner is in position to check this.  DNSSEC or not,
the problem exists, with DNSSEC though DANE and other ways to check
security credentials can help.  (Because the owner would have to make two
mistakes to be vulnerable, the typo plus messing up the other method,
whatever it is.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4604 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160201/2e011384/attachment.bin>


More information about the dns-operations mailing list