Forgot your password?
typodupeerror
Security

Register your own .mil Domain 334

Posted by CmdrTaco
from the someone-should-register-paper.mil dept.
JWSmythe writes " As reported in This Story at theregister.co.uk ,and on dailyrotten.com, it seems the US Department of Defense has dropped the ball. Not only can you register a .mil domain, but you can find "secret" domains that aren't publically known (the gov't uses security through obscurity?). I'm looking forward to hacker.mil, warez.mil, and porn.mil."
This discussion has been archived. No new comments can be posted.

Register your own .mil Domain

Comments Filter:
  • by More Karma Than God (643953) on Sunday January 26, 2003 @11:47AM (#5161814)
    Why is this just hitting Slashdot now?

    As far as I know The Register broke the story, and nobody else has cited information that wasn't in The Register's article.

    Does anyone have a screenshot of this site?
  • by red-beard's (639520) on Sunday January 26, 2003 @11:49AM (#5161824)
    Whoever is stupid enough to screw with the DOD is on their own . I remeber the letter of the cyber terrorism bill all too clearly . They'll be bustin down your front door and haulin you away like you are illian(sp?) gonzales on crack . Oh an mind you once they have you your rights are revoked as you are a terrorist . Boy after this incident I'll be watching as i drive through washington dc for a line of the idiots heads who tried out this vulnerability on pikes per Rumsfields orders .This is a bad time to be poking at americas security . Kinda like throwing rocks at a rabid junkyard dog while sittin in his dog house .
  • by LinuxPunk (641305) on Sunday January 26, 2003 @11:51AM (#5161830) Journal
    Unless your good at covering your tracks, and use lotsa proxy servers in the process, is it really worth the risk of going to jail for 5+ years for unauthorized use of a military computer system to register a domain name??

    BTW, this story is old, i read it yesterday. :P, and yes i do know the URL for registering these domains, even though it doesnt say in the article.
  • by madgeorge (632496) on Sunday January 26, 2003 @12:13PM (#5161944)
    Total Information Awareness, now doesn't it?

    -madgeorge

  • by Eideteker (641508) on Sunday January 26, 2003 @12:15PM (#5161951) Homepage
    Do you think it could be a trap? Given the gov't's of-late interest in total information, they just got a whole list of names for their file.
  • Re:41 minutes... (Score:2, Insightful)

    by Anonymous Coward on Sunday January 26, 2003 @12:20PM (#5161986)
    For posting directions to a publicly available, unprotected resource?

    None whatsoever of course!

  • Re:Aaahh (Score:2, Insightful)

    by skermit (451840) on Sunday January 26, 2003 @12:22PM (#5161998) Homepage
    HO-LY CRAP

    "Delete an existing host"???

    Some 14-year-old is going to get arrested for taking down af.mil, army.mil, navy.mil, ad nauseum ad infinitum...

    Geez. Shouldn't Homeland Security be bitchslapping our own agencies around as well as chasing bad guys?

  • Don't do it... (Score:5, Insightful)

    by fmaxwell (249001) on Sunday January 26, 2003 @12:35PM (#5162080) Homepage Journal
    I went to that link and it requires that you indicate a sponsoring agency. Since none of us have one, registering a domain would require entering false information into a DoD computer in order to gain unauthorized access. That is just a very bad idea.

    While it might be funny to register al-qaeda.mil, grain.mil, or saddam.mil, you don't want to find yourself occupying Kevin Mitnick's old cell. The Department of Defense is not renowned for their lighthearted sense of humor and fun. They may very well decide to make an example of someone. Or they might just decide to hold someone for months or years prior to even filing charges.

    It's not worth risking your freedom and your future livelihood for a prank.
  • by Midnight Thunder (17205) on Sunday January 26, 2003 @12:48PM (#5162152) Homepage Journal
    How long til the .mil and the .gov and the rest realise that spoofed sites like these could be a fantastic tool in capturing possible IPs of those stupid enough to actually try to use them.

    If the posts, here on /., are anything to go by, then they will probably end up having range of IP addresses covering the globe, which would probably be a waste of resources trying to see who these people are. A would guess the larger percentage of crackers are akin to the person who tries to get two papers instead of one, from those vending machines, because they are curious to see if it is that easy.
  • Smart move (Score:4, Insightful)

    by Ungrounded Lightning (62228) on Sunday January 26, 2003 @03:34PM (#5163046) Journal
    No, I didn't go poking around.

    Smart move.

    Can you say "honeypot"? I KNEW you could.
  • Re:Don't do it... (Score:3, Insightful)

    by fmaxwell (249001) on Sunday January 26, 2003 @04:33PM (#5163335) Homepage Journal
    If they are going to punish someone, it should be the .mil nic admins.

    An interesting theory, but not one that is likely to prevail in court. While there is no clear law against making an insecure web site, there are laws against "computer fraud and abuse."
  • Re:Hmm.... (Score:2, Insightful)

    by Cramer (69040) on Sunday January 26, 2003 @04:52PM (#5163408) Homepage
    And just how does that differ from the way InterNIC used to manage domains? (Answer: it doesn't)

    Obviously, no one read the part about an email address within NIPRnet. If you have an email address within NIPRnet, then you work for the DoD. It's not like someone can use foo@bar.com to register dozens of domains.

    And an other thing, all the web engine does is fillout the templates that have been available via ftp for years.

    (I'm assuming Google has already removed the reffered to pages from the cache.)

What this country needs is a good five dollar plasma weapon.

Working...