I've been doing Internet related work since 1993. Once of the advantages of being involved with the Internet for so early on is that I was able to secure my own name as my domain name; Greene.com (I also had fish.net, which I never should have let go. Oh well). I have had lots of offers to buy it over the years., but nothing close to enough to be worth giving up the convenience of owning my name.
A few years ago (while I was out of the country of course), someone decided that if I was not going to sell it, they were going to take it, and I experienced my first domain hijacking. This is when someone gets control of your registrar account and transfers your domain name to a different registrar over which you have no control. The typical strategy, so I am told, is to transfer it repeatedly, because after the first hop, it is very hard to prove ownership and get it back, since you don't own either side of the transaction. (note that registrars voluntarily enforce a 60 (or 90) day account freeze after a transfer to try to slow down transfer through multiple registrars.)
In my case, someone contacted network solutions claiming to be me and to have forgotten their password and not have access to their email address any longer. Then faxed them a forged passport and utility bill as proof of Identity. Changed the email address to a hotmail account that 'looked' like it could be my address. [Ok, I just have to interject at this point... Network Solutions had my phone number on file, I am not sure why they didn't just call me to see if this was legit. Major break down in process]. Then they transferred the domain from Network Solutions to GoDaddy and to keep me from noticing the transfer they replicated all my DNS information at GoDaddy so that everything would keep working properly, so short of trying to log in to my Network Solutions Account (and honestly, how often does that happen) I should never have noticed and 90 days later, gone.
I got lucky. They screwed up the GoDaddy DNS information and forgot to configure the URL for my webmail, so of course I noticed that webmail was not working pretty quickly and figured out what had happened. After many calls to Godaddy and Network Solutions, and 3 months of back and forth, I finally got my domain back. Yes, it really took 3 months. Fortunately all the settings were present and I could live without webmail, so I was not dead in the water. Network solutions even tried to tell me that the transfer was in fact authorized because they had faxes to prove it and I had to prove that they were forgeries. Ack!!
So to try to minimize that chance that this would happen again, they offered to put an IP address restriction on my account, so that one could only log in from a certain IP address. I am not sure how this would stop someone from hijacking my account, but it does secure the access to the account to some extent. It is also very inconvenient, and I ultimately had to remove it because I needed access from different locations.
Then Network Solutions introduced Password Plus, which uses a Verisign token to generate a security key that changes every 30 seconds and can be obtained from an App installed on a smartphone (if you don't want to purchase and carry a FOB). This seemed like a much better solution than the IP restriction until today... when suddenly I could not log in because it would not accept my security key. I tried resetting the key through the app and it did not solve the problem.
I called Network Solutions who told me that the key was issued by Verisign and that I needed to call them. I called Verisign who told me that any upgrades or changes to my smartphone could cause "Credential ID' to change, which would cause the App to no longer issue valid security codes for my account. Really? What kind of changes? An iOS point upgrade? An iOS version upgrade? A device change? These devices are updated all the time. The rep didn't seem to know, but told me to uninstall and reinstall the App and then call Network Solutions and have them Deactivate the old Credential ID and add the new one. Again, Really? Why would I need to uninstall and reinstall? I already have a new Credential ID. Oy.
So I called network solutions back. The first rep told me to call Verisign, then told me that Network Solutions no longer supports Password Plus, then told me that any Password Plus issues were on the Verisign side, then finally transferred me to someone else. I asked the someone else if they knew what Password Plus because if not, they would not be able to help me, and they proceeded to look it up then start reading me what Password Plus is. Oh boy. Eventually, after much research into what Password Plus was, she finally told me that I needed to call Verisign, and I finally insisted that she transfer me to someone who has heard of Password Plus or a supervisor. I got the supervisor who said "Hey, what this Deactivate Token button?" Click. Now I could login without a security key, go back into manage Password Plus, and add my new Security ID, which btw I have documented so that I can check it after I upgrade to iOS 5 to see if it actually changes again.
Wow, and to think that having the Token in an app on my iPhone was supposed to make my life easier. That took 3 hours to resolve, and I'm pretty good at this stuff.
This comment has been removed by a blog administrator.
ReplyDeleteI admire this article for the well-researched content and excellent wording. I got so involved in this material that I couldn’t stop reading. I am impressed with your work and skill. Thank you so much. Read more info about Network Automation
ReplyDeleteI liked your work and, as a result, the manner you presented this content about Managed it support Houston.It is a valuable paper for us. Thank you for sharing this blog with us.
ReplyDelete