News

Hackers breach VeriSign "parked" domain server

Hackers last week broke into a server hosting thousands of "parked" domains that had been registered through VeriSign's Network Solutions unit.

The compromised server, which was running Microsoft's Internet Information Server (IIS) software, was being hosted for VeriSign by Interland.

Parked domains, which are also known as domain aliases, are domain names that point to an existing domain. For example, computerworld.org and computerworld.net could be two parked domains pointing to computerworld.com.

The idea is to ensure that when a user types in any one of the three addresses, it brings him to the main domain, computerworld.com. The goal of having such domains is to prevent companies with similar names from having similar domain addresses.

The breach last week occurred when Web surfers who typed in the addresses of any of the domains on the VeriSign server were directed to a page owned by the hackers, according to an Interland spokeswoman.

The problem was discovered on 19 March and was fixed in less than two hours, she added.

Such a breach can easily compromise sensitive information, such as address and billing information relating to the main domain, said Russ Cooper, an analyst at TruSecure. In many cases, such breaches involving Microsoft's IIS servers are relatively easy to guard against, Cooper said.

"I would be surprised to see if this was a sophisticated attack against a hardened IIS server," Cooper said. Instead, the hackers most likely gained access into the Interland-managed VeriSign server by taking advantage of known vulnerabilities in IIS, he said.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy