Forwarded from: Elyn Wollensky <elynat_private> http://www.newsbytes.com/news/02/175343.html By Brian McWilliams, Newsbytes HERNDON, VIRGINIA, U.S.A., 20 Mar 2002, 12:09 PM CST A security breach Tuesday involving Verisign's Network Solutions unit disrupted potentially thousands of domain customers, company officials confirmed today. Attackers compromised a system that hosted thousands of "parked" domains that had been registered through Network Solutions and were still under construction, according to a Verisign representative. Web surfers who typed in the address of any of the affected domains were sent to a black page which featured an image of a mutilated rag doll and the words, "Did Web Pirates domain your domain?" According to its Web server banner, the system was running Microsoft's Internet Information Server (IIS) on Windows 2000. The server was operated by Atlanta-based hosting firm Interland under an outsourcing agreement, according to Verisign spokesperson Pat Burns. "At no time were there any issues with Verisign's domain name service," said Burns. Interland officials said the problem was identified and corrected later Tuesday, and the company is working with law enforcement to investigate the incident. In an online interview Tuesday, a member of Web Pirates, a Brazilian Web defacement group, said he only learned of the hacking incident after receiving numerous angry e-mails from victims. According to the member, who uses the nickname Splash and whose ICQ profile said he is 16, he was not aware that anyone from the group had defaced the Interland server. The security incident came at a bad time for the organizers of an upcoming conference for senior executives in Texas' technology industry, who planned to launch their homepage at Texastechnologyconference.org Tuesday. "This is somewhat catastrophic to us, to tell you the truth," said conference director Lisa Cohen, who noted that the summit is scheduled to begin April 4 and depends heavily on the Web site for publicity. Some Verisign customers who were affected by the hacking were surprised to learn that the domain registration firm had outsourced the hosting of their domains. "I wouldn't expect a company like Verisign to farm out domain parking. I would think they would want to own that responsibility," said Matthew Caldwell, chief security officer for GuardedNet, which owned an undeveloped domain affected by the breach. Rick Forno, chief security advisor for Shadowlogic and the former head of security for Network Solutions, said Verisign has begun relying on numerous partners for services it bundles with domain sales. While Verisign has the ultimate responsibility to its domain customers, the blame for the security breach falls squarely on Interland, he said. "Verisign may want to re-evaluate the clause in their contract that talks about security - if there even is such a clause," said Forno. According to its Web site, Verisign's Network Solutions unit is the world leader in domain name registration and related identity services. The company said it has more than 6.2 million customers with over 13.6 million active domains under its management. Interland is at http://www.interland.com Network Solutions is at http://www.networksolutions.com - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Mar 21 2002 - 03:05:34 PST