Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > NZ domainz got hacked?

Reply
Thread Tools

NZ domainz got hacked?

 
 
news2.thing@gmail.com
Guest
Posts: n/a
 
      05-12-2009
I seem to recall a while back that someone commented about being
unable to access Domainz....now I get a email off them saying they
have changed my password....after a "security review"...

yeah right.....

regards

thing
 
Reply With Quote
 
 
 
 
Dave Doe
Guest
Posts: n/a
 
      05-13-2009
In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
@y10g2000prc.googlegroups.com>, http://www.velocityreviews.com/forums/(E-Mail Removed) says...
> I seem to recall a while back that someone commented about being
> unable to access Domainz....now I get a email off them saying they
> have changed my password....after a "security review"...
>
> yeah right.....


Perhaps Lawrence is in charge of DomainZ hackable Linux servers - just
simple SQL injection IIRC, got the DNS records for several "big" NZ
sites (not just msn) and redirected them.

--
Duncan
 
Reply With Quote
 
 
 
 
Enkidu
Guest
Posts: n/a
 
      05-13-2009
Dave Doe wrote:
> In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
>> I seem to recall a while back that someone commented about being
>> unable to access Domainz....now I get a email off them saying they
>> have changed my password....after a "security review"...
>>
>> yeah right.....

>
> Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> just simple SQL injection IIRC, got the DNS records for several "big"
> NZ sites (not just msn) and redirected them.
>

DomainZ runs Windows servers. Front end is IIS 6.0

Cheers,

Cliff

--

The Internet is interesting in that although the nicknames may change,
the same old personalities show through.
 
Reply With Quote
 
Dave Doe
Guest
Posts: n/a
 
      05-13-2009
In article <4a0b379a$(E-Mail Removed)>, (E-Mail Removed)
says...
> Dave Doe wrote:
> > In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> > @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
> >> I seem to recall a while back that someone commented about being
> >> unable to access Domainz....now I get a email off them saying they
> >> have changed my password....after a "security review"...
> >>
> >> yeah right.....

> >
> > Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> > just simple SQL injection IIRC, got the DNS records for several "big"
> > NZ sites (not just msn) and redirected them.
> >

> DomainZ runs Windows servers. Front end is IIS 6.0


They didn't hack those. They hacked the DNS servers, IIRC.

--
Duncan
 
Reply With Quote
 
Dave Doe
Guest
Posts: n/a
 
      05-13-2009
In article <(E-Mail Removed)> ,
(E-Mail Removed) says...
> In article <4a0b379a$(E-Mail Removed)>, (E-Mail Removed)
> says...
> > Dave Doe wrote:
> > > In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> > > @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
> > >> I seem to recall a while back that someone commented about being
> > >> unable to access Domainz....now I get a email off them saying they
> > >> have changed my password....after a "security review"...
> > >>
> > >> yeah right.....
> > >
> > > Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> > > just simple SQL injection IIRC, got the DNS records for several "big"
> > > NZ sites (not just msn) and redirected them.
> > >

> > DomainZ runs Windows servers. Front end is IIS 6.0

>
> They didn't hack those. They hacked the DNS servers, IIRC.


Here's some more info for yer...

http://www.zone-h.org/news/id/4708

Looks like they hacked cpanel or somethin.

--
Duncan
 
Reply With Quote
 
AD.
Guest
Posts: n/a
 
      05-14-2009
On May 14, 10:31*am, Dave Doe <(E-Mail Removed)> wrote:
> In article <(E-Mail Removed)>, (E-Mail Removed)
> says...
>
> > Dave Doe wrote:
> > > In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> > > @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
> > >> I seem to recall a while back that someone commented about being
> > >> unable to access Domainz....now I get a email off them saying they
> > >> have changed my password....after a "security review"...

>
> > >> yeah right.....

>
> > > Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> > > just simple SQL injection IIRC, got the DNS records for several "big"
> > > NZ sites (not just msn) and redirected them.

>
> > DomainZ runs Windows servers. Front end is IIS 6.0

>
> They didn't hack those. *They hacked the DNS servers, IIRC.


Really? Everything I heard said it was SQL injection through the
registry web interface, and that allowed them to update the DNS
records. The DNS servers themselves weren't compromised.

And it wouldn't have been cpanel. They might (I have no idea) use that
for their own webhosting service, but the registry management part
wouldn't be cpanel.

--
Cheers
Anton


 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      05-14-2009
Dave Doe wrote:
> In article <(E-Mail Removed)> ,
> (E-Mail Removed) says...
>> In article <4a0b379a$(E-Mail Removed)>, (E-Mail Removed)
>> says...
>>> Dave Doe wrote:
>>>> In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
>>>> @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
>>>>> I seem to recall a while back that someone commented about being
>>>>> unable to access Domainz....now I get a email off them saying they
>>>>> have changed my password....after a "security review"...
>>>>>
>>>>> yeah right.....
>>>> Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
>>>> just simple SQL injection IIRC, got the DNS records for several "big"
>>>> NZ sites (not just msn) and redirected them.
>>>>
>>> DomainZ runs Windows servers. Front end is IIS 6.0

>> They didn't hack those. They hacked the DNS servers, IIRC.

>
> Here's some more info for yer...
>
> http://www.zone-h.org/news/id/4708
>
> Looks like they hacked cpanel or somethin.
>

Yeah, the DNS servers themselves were not hacked from that description.
"SQL Injection" smells of MS SQL Server. "CPanel" or whatever it was
could probably run on IIS or Apache.

Cheers,

Cliff

--

The Internet is interesting in that although the nicknames may change,
the same old personalities show through.
 
Reply With Quote
 
Dave Doe
Guest
Posts: n/a
 
      05-15-2009
In article <(E-Mail Removed)>, (E-Mail Removed)
says...
> Dave Doe wrote:
> > In article <(E-Mail Removed)> ,
> > (E-Mail Removed) says...
> >> In article <4a0b379a$(E-Mail Removed)>, (E-Mail Removed)
> >> says...
> >>> Dave Doe wrote:
> >>>> In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> >>>> @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
> >>>>> I seem to recall a while back that someone commented about being
> >>>>> unable to access Domainz....now I get a email off them saying they
> >>>>> have changed my password....after a "security review"...
> >>>>>
> >>>>> yeah right.....
> >>>> Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> >>>> just simple SQL injection IIRC, got the DNS records for several "big"
> >>>> NZ sites (not just msn) and redirected them.
> >>>>
> >>> DomainZ runs Windows servers. Front end is IIS 6.0
> >> They didn't hack those. They hacked the DNS servers, IIRC.

> >
> > Here's some more info for yer...
> >
> > http://www.zone-h.org/news/id/4708
> >
> > Looks like they hacked cpanel or somethin.
> >

> Yeah, the DNS servers themselves were not hacked from that description.
> "SQL Injection" smells of MS SQL Server.


??? - how do you work that one out.

--
Duncan
 
Reply With Quote
 
news2.thing@gmail.com
Guest
Posts: n/a
 
      05-15-2009
On May 14, 10:56*pm, Enkidu <(E-Mail Removed)> wrote:
> Dave Doe wrote:
> > In article <(E-Mail Removed)> ,
> > (E-Mail Removed) says...
> >> In article <(E-Mail Removed)>, (E-Mail Removed)
> >> says...
> >>> Dave Doe wrote:
> >>>> In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
> >>>> @y10g2000prc.googlegroups.com>, (E-Mail Removed) says...
> >>>>> I seem to recall a while back that someone commented about being
> >>>>> unable to access Domainz....now I get a email off them saying they
> >>>>> have changed my password....after a "security review"...

>
> >>>>> yeah right.....
> >>>> Perhaps Lawrence is in charge of DomainZ hackable Linux servers -
> >>>> just simple SQL injection IIRC, got the DNS records for several "big"
> >>>> NZ sites (not just msn) and redirected them.

>
> >>> DomainZ runs Windows servers. Front end is IIS 6.0
> >> They didn't hack those. *They hacked the DNS servers, IIRC.

>
> > Here's some more info for yer...

>
> >http://www.zone-h.org/news/id/4708

>
> > Looks like they hacked cpanel or somethin.

>
> Yeah, the DNS servers themselves were not hacked from that description.
> "SQL Injection" smells of MS SQL Server. "CPanel" or whatever it was
> could probably run on IIS or Apache.
>
> Cheers,
>
> Cliff
>
> --
>
> The Internet is interesting in that although the nicknames may change,
> the same old personalities show through.


On the other hand Domainz has been advertising for a BIND/Linux
specialist....

regards

Thing

 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      05-15-2009
Dave Doe wrote:
> In article <(E-Mail Removed)>, (E-Mail Removed)
> says...
>> Dave Doe wrote:
>>> In article <(E-Mail Removed)> ,
>>> (E-Mail Removed) says...
>>>> In article <4a0b379a$(E-Mail Removed)>,
>>>> (E-Mail Removed) says...
>>>>> Dave Doe wrote:
>>>>>> In article <c97674c4-30b7-470e-b3ea-21f8107ebb31
>>>>>> @y10g2000prc.googlegroups.com>, (E-Mail Removed)
>>>>>> says...
>>>>>>> I seem to recall a while back that someone commented
>>>>>>> about being unable to access Domainz....now I get a email
>>>>>>> off them saying they have changed my password....after a
>>>>>>> "security review"...
>>>>>>>
>>>>>>> yeah right.....
>>>>>> Perhaps Lawrence is in charge of DomainZ hackable Linux
>>>>>> servers - just simple SQL injection IIRC, got the DNS
>>>>>> records for several "big" NZ sites (not just msn) and
>>>>>> redirected them.
>>>>>>
>>>>> DomainZ runs Windows servers. Front end is IIS 6.0
>>>> They didn't hack those. They hacked the DNS servers, IIRC.
>>> Here's some more info for yer...
>>>
>>> http://www.zone-h.org/news/id/4708
>>>
>>> Looks like they hacked cpanel or somethin.
>>>

>> Yeah, the DNS servers themselves were not hacked from that
>> description. "SQL Injection" smells of MS SQL Server.

>
> ??? - how do you work that one out.
>

Most SQL Injection attacks are against MS SQL server.

Google hits for "MySQL SQL Injection" gives 617,000 hits, for
"PostgreSQL SQL Injection" gives 109,000 hits and for "MS SQL Injection"
gives 948,000 hits.

Cheers,

Cliff

--

The Internet is interesting in that although the nicknames may change,
the same old personalities show through.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Domainz hosted exchange. Anything better? Boppy NZ Computing 4 11-01-2008 04:45 AM
If you Got Questions? I bet We got Answers Leisure.201@gmail.com Javascript 1 04-28-2007 11:04 PM
got an idea stlava Case Modding 8 07-14-2005 08:39 AM
Domainz, and "outdated encryption methods" Steve Marshall NZ Computing 4 06-23-2005 05:16 AM
Domainz website John NZ Computing 4 07-06-2004 07:19 AM



Advertisments