Comcast Briefly Loses Control of Its Domain Name

Fallen Andy notes that Comcast, one of the largest US ISPs, lost control of its domain name to what appeared to be juvenile social engineers of the old school — i.e. not in it for the money. The intruders got into Comcast's registrar account at Network Solutions and repointed the domain's DNS records. A blog entry at SANS points out how trivially easy this can be. Reader ElvenKnight points out an insightful interview up at Wired with the two young guys who perpetrated the hack.

Re:Stupid password

[Constantine XVI]

Missed one.

12345.

Re:Network Solutions seems to be the common trend.

[swillden]

From the Wired article:

Network Solutions spokeswoman Susan Wade disputes the hackers' account. "We now know that it was nothing on our end," she says. "There was no breach in our system or social engineering situation on our end."

Sooo, what she's saying is that Network Solutions' system was operating as designed. Is that supposed to be comforting?

Re:These guys are my heroes

[Thaelon]

Try this: http://www.gethuman.com/gethuman_list.asp?bname=%22C%22 [gethuman.com]

Lazy companies create "automated systems to handle most inquiries" ignoring the fact that even their claim states its own failing, it doesn't handle them all. So we have created a database of how to circumvent the barrier to customer support.

Now if only we could force them to hire customer support grunts without such thick accents.

Re:The consequences might not be as fun

[bconway]

Read (some of) the 25+ page discussion on Broadband Reports, linked in the article. Ports 25 and 110 were active and accepting connections, followed by rejecting all logins are (presumably) harvesting their credentials. My Nmap scans during the event are included in that thread.

Re:The consequences might not be as fun

[phoenixwade]

It was a terrorist attack intended to disrupt a major part of the infrastructure, period.

Oh, really? You were there? You know what they were thinking? How do you know it wasn't a couple of punk kids just screwing around and not realizing what they were getting themselves into?

I never said they shouldn't be charged. I (and the parent I responded to) both just said that they will likely be charged with much more than the crime warrants.

The Wired article indicates that they were retaliating because some Comcast dweeb was rude on the phone. It also indicates that they were stupid enough to be surprised by how big and loud this blew up. Further, it indicates this is a repeat offense for both "hackers". If all that is true, then I submit there is very little chance they are going to be charged with more than the crimes warrant. Repeat offenders and that kind of petty extortion should be slapped as hard as possible.

Re:The consequences might not be as fun

[Pantero Blanco]

It was a terrorist attack intended to disrupt a major part of the infrastructure, period.

Terrorism, by definition, has to have some sort of political goal in mind (wanting power, autonomy, etc), and has to have the intention of intimidation. This has neither.

I don't see anyone shaking in fear over Comcast's website being inaccessible...

It's just a regular crime, not terrorism.

Re:The consequences might not be as fun

[Lobster Quadrille]

Life isn't fair, but the judicial system is supposed to be [wikipedia.org].

Re:Everything old is new again.

[Bryansix]

You know if you use a real domain registrar and not Network Solutions you can put a freeze on changes to your records so this can't happen.

Re:The consequences might not be as fun

[FliesLikeABrick]

The Wired article/interview says that they were bouncing around web hosts like crazy. Of course if the point comcast.net to some large host, you'll see all kinds of services during your nmap scan.

They were using bunches of free webhosts who almost definitely have servers listening on imap/pop3/smtp and other services. That said, it makes sense that logins intended for comcast ended up failing when they hit these random web hosts.

Re:The consequences might not be as fun

[Nemo's Night Sky]

I agree. The parent should seriously take a minute to check out wikipedia's article on -ism [wikipedia.org] and find out what the word terror means when ism is suffixed.

That being said, your spice/caffeine sig is AWESOME.

Re:The consequences might not be as fun

[Anonymous Coward]

They didn't say that harm implies terrorist attack, they were saying terrorist attack implies harm.
 
Some fruits are apples, but not all fruits are apples.