Don't Let Your Domain Name Become a "Sitting Duck"
Submitted 4 months ago by bot@lemmy.smeargle.fans [bot] to hackernews@lemmy.smeargle.fans
https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/
Submitted 4 months ago by bot@lemmy.smeargle.fans [bot] to hackernews@lemmy.smeargle.fans
https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/
0x01@lemmy.ml 4 months ago
1) the domain uses or delegates authoritative DNS services to a different provider than the domain registrar;
2) the authoritative name server(s) for the domain does not have information about the Internet address the domain should point to;
3) the authoritative DNS provider is “exploitable,” i.e. an attacker can claim the domain at the provider and set up DNS records without access to the valid domain owner’s account at the domain registrar
List of vulnerable: github.com/indianajson/can-i-take-over-dns