|
|
|
|
|
|
by jerdfelt
4445 days ago
|
|
|
Part of what they do is set up registry locks. This is different than a registrar lock in that a registrar lock is managed by the registrar (GoDaddy, Tucows, etc) but a registry lock is managed by the registry themselves. It requires personal contact with specific individuals to enable and disable the lock, making attempts to steal domains more difficult (but not impossible since social engineering is still feasible). I've never used MarkMonitor before, but I did handle the registration for a hugely popular domain at one time. They decided to move to MarkMonitor but in the meantime they requested a registry lock set up on their main domain. This turned out to be very good idea since the registrar at the time was social engineered into changing the credentials for the account (with forged letter head similar to the fastmail.fm attack). The attackers were able to change the nameservers for little used domains but their main domain could not be modified. |
|
|