[afnog] Google blames DNS insecurity for Web site defacements

Atef LOUKIL atef at ati.tn
Mon May 18 15:40:17 UTC 2009


Dear all,

> I've only seen reports of successful SQL compromises of the following
> ccTLDs:
>
> EC (Ecuador)
> MA (Morocco)
> NZ (New Zealand)
> PR (Puerto Rico)
> TN (Tunisia)
> UG (Uganda)
>   
could anybody indicate where we can find these reports of  "successful 
SQL compromises" ???

Regards,

_______________________________________________________
Atef LOUKIL
Tunisian Internet Agency,
ATI-LIR&NIC Departement
13, Rue Jugurtha Mutuelleville - 1002 Tunis - Tunisia
Phone: 216 71 846 100
Fax: 216 71 846 600
http://www.ati.tn



EL MAAYATI Afaf wrote:
> Hello everybody,
>       Concerning ".MA", the origin of the "www.google.co.ma" Web site defacement was an attack which has affected The Registrar Online System.
> The Registrar of this domain name, believing that the update of NS entries has been asked by the legitimate user, has transmitted an ordinary request to the Registry.
>
> The vulnerability has been fixed by the Registrar.
>
> In fact, the incident was occured in the Online Registrar System, which dismisses any security risk related directly to the Registry system.
>
>
>
> Regards,
> ".MA" ccTLD
>
> -----Original Message-----
> From: afnog-bounces at afnog.org [mailto:afnog-bounces at afnog.org] On Behalf Of Calvin Browne
> Sent: Monday, May 18, 2009 12:16 PM
> To: Bill Woodcock
> Cc: africann at afrinic.net; afnog at afnog.org
> Subject: Re: [afnog] Google blames DNS insecurity for Web site defacements
>
> On Mon, 2009-05-18 at 03:26 -0700, Bill Woodcock wrote:
> <SNIP>
>   
>> Thank you very much for the detailed information, that helps everyone
>> better understand how to secure their operations.
>>
>> I've only seen reports of successful SQL compromises of the following
>> ccTLDs:
>>
>> EC (Ecuador)
>> MA (Morocco)
>> NZ (New Zealand)
>> PR (Puerto Rico)
>> TN (Tunisia)
>> UG (Uganda)
>>     
>
> Does it appear these were co-ordinated?
> are these registries running the same software?
>
> having a co-ordinated attack against different bespoke software would be
> way interesting.
>
> regards
>
> --Calvin
>
>
> _______________________________________________
> afnog mailing list
> http://afnog.org/mailman/listinfo/afnog
>
> Ce message, son contenu et toutes les pi?ces jointes sont adress?s ? l'attention exclusive de leur (s) destinataire (s) et sont strictement confidentiels : ils rel?vent de la correspondance priv?e. Toute publication, utilisation ou diffusion, m?me partielle, par des personnes autres que les destinataires est interdite et doit ?tre autoris?e par l'Agence Nationale de R?glementation des T?l?communications (ANRT, Royaume du Maroc). Si vous recevez ce message par erreur, nous vous prions de le d?truire apr?s en avoir inform? son exp?diteur sans d?lai. L'ANRT d?cline toute responsabilit? pour toute alt?ration, d?formation ou falsification subi par le message et ses pi?ces jointes au cours de leur transmission.
> Retrouvez toutes les informations de l'ANRT sur son site Web ? l'adresse suivante : http://www.anrt.ma.
>
> This message, its content and its attachments are intended for the exclusive use of the named addressee (s) and are strictly confidential. Any copy or other use of this information by persons or entities other than the intended recipient is prohibited and should be authorized by the National Agency of Telecommunications Regulation (ANRT, Morocco). If you have received this communication in error, please delete the material and notify the sender. The ANRT accepts no liability for any alteration, distortion or falsification that may occur during the transmission of this message. All information about ANRT can be found on our website at the following address http://www.anrt.ma.
>
> _______________________________________________
> afnog mailing list
> http://afnog.org/mailman/listinfo/afnog
>
>
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://afnog.org/pipermail/afnog/attachments/20090518/a9de41dc/attachment.bin>


More information about the afnog mailing list