At 11:02 AM 4/13/2005 -0400, Radu Hociung wrote:
If the world were to adopt IP authorization/authentication schemes like
SPF/CSV, without removing the economic incentive for spam, the spammers
would put pressure on the next weak point.
I understand that it is difficult to do, but what would it take for a
skilled hacker to steal the IP address of an otherwise well protected SMTP
server and sell that IP to the spammers?
I think the more likely theft will be of domain names. The biggest so far
was described in
Panix recovers from domain hijack, John Leyden, The Register, 17th January
2005,
<http://www.theregister.co.uk/2005/01/17/panix_domain_hijack/>http://www.theregister.co.uk/2005/01/17/panix_domain_hijack/
This was done by a con artist convincing a .com registrar that panix was
moving to Australia. This is ordinary fraud, nothing special to the
Internet. It is the same as convincing the phone company that they should
move phone service for a large corporation to some office down the street.
As for "hacker" attacks on DNS, the best documentation I have found is "A
Threat Analysis of the Domain Name System" - RFC 3833
Of course, we will always have "man-in-the-middle" vulnerabilities from
anyone who has physical access to the equipment or wires. A grad student
at the University might get root access to the DNS server for the entire
campus, and do what he wants with all their subdomains. This would not
allow him to fake amazon.com, however.
Before getting involved in these email authentication efforts, I spent some
time studying claims that authentication was useless because of these
vulnerabilities. I concluded that the risks of wiretapping, etc. were not
something that ordinary spammers and phishers would accept, and we should
proceed full ahead with our authentication efforts.
--
Dave
************************************************************ *
* David MacQuigg, PhD email: dmquigg-spf at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *