Last February, the domain ‘corp.com’ went up for sale. Beyond the appeal such a domain could have for many companies (it evokes the word ‘corporation’ and is easy to remember), nothing would suggest it was anything other than an ordinary domain. And yet corp.com was the key to controlling a security hole that was potentially devastating for many companies.
The story begins in 1990, when Mike O’Connor created Go-fast.net, one of the first Internet providers, and registered a good handful of .com domains that would become very valuable in the following years: place.com, bar.com, pub.com, etc.
The security hole called “corp.com”
One of them was, as you may have guessed, corp.com. But something led O’Connor to spend several years without parting with that particular domain. And that ‘something’ was a design flaw in Active Directory, the Microsoft tool that provides directory services on a LAN.
The issue is that, in the first versions of Windows compatible with Active Directory, the default path for validation services within the corporate LAN was the internal domain “corp.com”.
You may be wondering to what extent that constitutes a security hole. Let’s see: if an employee of one of these companies tried to access company data from outside the LAN (say, from the Wi-Fi at an airport), they would actually be connecting to the Internet domain “corp.com”.
Yes, the same one that O’Connor put up for sale in February. And the same one that, in malicious hands, could take advantage of these unintended connections to intercept the communications of the affected companies and extract all kinds of data (emails, passwords, etc.).
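A defender can check whether their own machines are among those reaching out to the public domain by looking for corp.com lookups in resolver logs. The following is an added example, not part of the original article: the log format, the sample lines and the function names are assumptions made for illustration, and the `_ldap`, `_kerberos`, `_msdcs` and `_gc` labels are the standard names Active Directory clients query to locate a domain controller.

```python
from collections import defaultdict

# Constructed sample resolver log: "<time> <client> <qtype> <qname>" (format is an assumption).
SAMPLE_LOG = """\
2020-04-08T09:14:02Z 10.8.0.21 SRV _ldap._tcp.dc._msdcs.corp.com.
2020-04-08T09:14:02Z 10.8.0.21 A fileserver.corp.com
2020-04-08T09:14:05Z 10.8.0.37 A www.example.org
2020-04-08T09:14:09Z 10.8.0.37 A intranet.notcorp.com
2020-04-08T09:15:40Z 10.8.0.44 SRV _kerberos._tcp.CORP.COM
malformed line
"""

# Service-locator labels that Active Directory clients look up to find a domain controller.
AD_LOCATOR_LABELS = {"_ldap", "_kerberos", "_msdcs", "_gc"}


def in_zone(qname, zone):
    """True if qname is the zone itself or a subdomain (label-aligned, case-insensitive)."""
    q = qname.rstrip(".").lower().split(".")
    z = zone.rstrip(".").lower().split(".")
    return len(q) >= len(z) and q[-len(z):] == z


def find_leaks(log_text, zone="corp.com"):
    """Return {client: {"queries": n, "ad_locator": bool}} for clients querying the zone."""
    leaks = defaultdict(lambda: {"queries": 0, "ad_locator": False})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not match the assumed format
        _, client, _, qname = fields
        if not in_zone(qname, zone):
            continue  # e.g. notcorp.com only shares a string suffix, not a DNS label
        entry = leaks[client]
        entry["queries"] += 1
        labels = set(qname.rstrip(".").lower().split("."))
        if labels & AD_LOCATOR_LABELS:
            entry["ad_locator"] = True  # client is trying to find a domain controller
    return dict(leaks)


if __name__ == "__main__":
    for client, info in sorted(find_leaks(SAMPLE_LOG).items()):
        kind = "AD locator lookup" if info["ad_locator"] else "host lookup"
        print(f"{client}: {info['queries']} query(ies) for corp.com ({kind})")
```

Clients flagged with an AD locator lookup are the ones whose directory configuration still points at the colliding name and should be prioritised for remediation.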
Nobody does anything, and O’Connor gets rid of the problem
But did no one take action? Well, Microsoft released several software updates that mitigated part of the problem, but few companies applied the solutions those updates enabled.
They did not do so mainly because they considered it impractical to take down their entire Active Directory network for the time needed to implement the necessary changes, since doing so slows down or halts applications they need for their daily operations.
O’Connor explained in February that he saw the domain in question as “a dumping ground for chemical waste” and did not want to “leave it to his children and have them be burdened with it.” He also pointed out his frustration that the “good guys” did not seem to care about the matter, which could lead to “corp.com” falling into the hands of criminals.
The “good guys” were, of course, those in charge at Microsoft, who O’Connor had hoped would be willing to bid for the domain, whose starting price was 1.7 million dollars.
Microsoft takes action
But Microsoft does care about the problem: a year earlier, a study conducted by the cybersecurity expert Jeff Schmidt with funding from the US Department of Homeland Security had revealed that more than 375,000 Windows computers had tried to send sensitive information to the domain corp.com, including login data.
So, two months later, O’Connor has got rid of his particular “waste dump”… after Microsoft acquired it. According to a statement from the company (which has not disclosed the purchase price),
“To help keep systems protected, we encourage our customers to adopt certain good security practices when planning internal domain and network names.
We already released a security advisory about this in June 2009 and, [based on this] continuing commitment to customer security, we have now also bought the domain Corp.com”.
Originally published in Engadget by Marcos Merino.