Don't Let Your Domain Name Become a "Sitting Duck"
Submitted 1 month ago by bot@lemmy.smeargle.fans [bot] to hackernews@lemmy.smeargle.fans
https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/
Submitted 1 month ago by bot@lemmy.smeargle.fans [bot] to hackernews@lemmy.smeargle.fans
https://krebsonsecurity.com/2024/07/dont-let-your-domain-name-become-a-sitting-duck/
0x01@lemmy.ml 1 month ago
1) the domain uses or delegates authoritative DNS services to a different provider than the domain registrar;
2) the authoritative name server(s) for the domain does not have information about the Internet address the domain should point to;
3) the authoritative DNS provider is “exploitable,” i.e. an attacker can claim the domain at the provider and set up DNS records without access to the valid domain owner’s account at the domain registrar
List of vulnerable: github.com/indianajson/can-i-take-over-dns