[afnog] Google blames DNS insecurity for Web site defacements

EL MAAYATI Afaf afaf at anrt.ma
Mon May 18 13:58:08 UTC 2009 

Hello everybody,
      Concerning ".MA", the origin of the "www.google.co.ma" Web site defacement was an attack which has affected The Registrar Online System.
The Registrar of this domain name, believing that the update of NS entries has been asked by the legitimate user, has transmitted an ordinary request to the Registry.

The vulnerability has been fixed by the Registrar.

In fact, the incident was occured in the Online Registrar System, which dismisses any security risk related directly to the Registry system.



Regards,
".MA" ccTLD

-----Original Message-----
From: afnog-bounces at afnog.org [mailto:afnog-bounces at afnog.org] On Behalf Of Calvin Browne
Sent: Monday, May 18, 2009 12:16 PM
To: Bill Woodcock
Cc: africann at afrinic.net; afnog at afnog.org
Subject: Re: [afnog] Google blames DNS insecurity for Web site defacements

On Mon, 2009-05-18 at 03:26 -0700, Bill Woodcock wrote:
<SNIP>
> Thank you very much for the detailed information, that helps everyone
> better understand how to secure their operations.
>
> I've only seen reports of successful SQL compromises of the following
> ccTLDs:
>
> EC (Ecuador)
> MA (Morocco)
> NZ (New Zealand)
> PR (Puerto Rico)
> TN (Tunisia)
> UG (Uganda)

Does it appear these were co-ordinated?
are these registries running the same software?

having a co-ordinated attack against different bespoke software would be
way interesting.

regards

--Calvin


_______________________________________________
afnog mailing list
http://afnog.org/mailman/listinfo/afnog

Ce message, son contenu et toutes les pi?ces jointes sont adress?s ? l'attention exclusive de leur (s) destinataire (s) et sont strictement confidentiels : ils rel?vent de la correspondance priv?e. Toute publication, utilisation ou diffusion, m?me partielle, par des personnes autres que les destinataires est interdite et doit ?tre autoris?e par l'Agence Nationale de R?glementation des T?l?communications (ANRT, Royaume du Maroc). Si vous recevez ce message par erreur, nous vous prions de le d?truire apr?s en avoir inform? son exp?diteur sans d?lai. L'ANRT d?cline toute responsabilit? pour toute alt?ration, d?formation ou falsification subi par le message et ses pi?ces jointes au cours de leur transmission.
Retrouvez toutes les informations de l'ANRT sur son site Web ? l'adresse suivante : http://www.anrt.ma.

This message, its content and its attachments are intended for the exclusive use of the named addressee (s) and are strictly confidential. Any copy or other use of this information by persons or entities other than the intended recipient is prohibited and should be authorized by the National Agency of Telecommunications Regulation (ANRT, Morocco). If you have received this communication in error, please delete the material and notify the sender. The ANRT accepts no liability for any alteration, distortion or falsification that may occur during the transmission of this message. All information about ANRT can be found on our website at the following address http://www.anrt.ma.

More information about the afnog mailing list