https://medium.com/@gszathmari/hacking-law-firms-abandoned-domain-name-attack-560979e0b774
tl;dr: Expired domain names re-registered by malicious actors after the redemption period are useful for all sorts of mischief. This is a pretty easy to understand read for non-technical management types at customer organizations, who might not understand the importance of how a domain name and its authoritative DNS server records are the single point of failure under a lot of important stuff. On Tue, Sep 4, 2018 at 11:42 AM Randy Bush <ra...@psg.com> wrote: > tl;dr: control the domains you use > > the domain rain.net was on since the early '90s. it used to be the > domain of the isp which became verio which became ntt. lots of local > portland folk had subdomains, email, ... > > well, with zero notice, ntt seems to have flogged it off to someone who > does not give a damn, and a lot of folk's email and so forth is dead > dead dead. packets and smtp falling on the floor. > > a friend once gave me a tee shirt which says "god helps those who own a > majority share." the corollary is that the goddess helps those who own, > or otherwise control, the domains on which they rely. > > randy >
