Published in News

Feds pull plug on State of California Domain Name

by on08 October 2007

Image

Shutdown of State Web site narrowly averted


 

The U.S. General Services Administration pulled the plug on State of California Web domain (ca.gov) last week, which started a chain reaction a chain of events that could have completely shut down the State of California’s Web site and have brought its government business to a stop. 

It apparently started when the Transportation Authority of Marin County, California discovered that servers that were handling the Marin County agency’s Web and domain name service had been hacked and were being used to directly link users to Web sites that had pornographic content.

Domain name servers (DNS) translate the website domain names that are typed into browsers into numerical IP addresses that computers use to communicate with other computers on the Internet. In the case of the Transportation Authority of Marin, there was one authoritative server communicating with all other DNS servers as to where to find computers operating within the tam.ca.gov domain.

The TAM’s Internet Service Provider was unable to resolve the problem of the redirect link to the pornographic Web site and eventually delegated the domain name server authority for the TAM’s domain to the State of California’s Department of Technology Services ca.gov name server. Apparently without warning or discussion with anyone at the State of California the GSA directed the federal organization responsible for managing the .gov domain to “pull the plug” on the ca.gov domain and to remove it as a valid address.

Security experts and State agencies were shocked that the federal government took such drastic action without any discussions with the State or any attempt to resolve the problem first.  Fortunately, the State California Department of Technology Services detected the shutdown of the ca.gov domain and quickly began working with the federal agency to reverse the “delisting” of the ca.gov domain from world DNS servers. 

Since DNS servers do not automatically update their records the delisting was short lived.  But it was a very close call and the State of California has vowed to be more vigilant as a result.

Read more here.

Last modified on 08 October 2007
Rate this item
(0 votes)