Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Zone transfers? (Score 1) 74

The real question is "how many people actually check this sort of thing?" I would be willing to bet that few, if any, smaller organizations (i.e. ones who have essentially static zone info) ever check the contents of their DNS once it's been set up.

Comment Re:Zone transfers? (Score 1) 74

Interesting. I tried zone transfers on some of the first domains I found, but gave up on them because I wasn't getting anywhere. What you're seeing is very odd -- almost like DNSExit is treating like a domain itself rather than as a sub-domain of

Comment Re:Maybe the domain owners are involved? (Score 2) 74

In addition to sending notifications to site owners, I did communicate with several of them and they were shocked to find out about the alteration of their domain information. I also spoke with some of the DNS providers and I found nothing to indicate that they were involved (also, from TFA, the domains are spread across multiple DNS providers). As I said in the write-up, my bet is on a combo of poorly chosen passwords and overly generous/non-existent account lockout policies on something like a cPanel interface.

Submission + - SEO via DNS "Piggybacking" (

An anonymous reader writes: There is an interesting story over at the SANS Internet Storm Center that shows details on about 50 organizations that have had new machine names added to their DNS zone information. These were then pointed to sites used to boost the search engine cred of "pharma," skeevy "personals," and porn sites. If you outsource your DNS, how would you EVER catch something like this?

Slashdot Top Deals

Their idea of an offer you can't refuse is an offer... and you'd better not refuse.