Amazon Route 53

Domains About To Expire

Risk Level: Medium

Description

This plugin helps ensure that domains do not expire unexpectedly. A vulnerability alert is generated for domains that are about to expire within the specified time window. Expired domains can be lost and re-registered by a third party. Renew domains regularly to retain complete control over them.

Configuration Parameters

Domain Name Expiry Alerting Window: This parameter specifies the alerting window, i.e. how many days before a Route 53 domain name expires the alert must be generated.

By default, the value is set to 30. Therefore, an issue will be generated if the domain names are about to expire in the next 30 days.

About the Service

Amazon Route 53 is a cloud Domain Name System (DNS) web service that is highly accessible and scalable. It is intended to provide developers and businesses with a highly dependable and cost-effective method of routing end users to Internet applications.

Amazon Route 53 connects user requests to AWS infrastructure such as Amazon EC2 instances, Elastic Load Balancing load balancers, and Amazon S3 buckets, as well as equipment outside of AWS. 

Impact

If the domain names are not restored as soon as possible, they will become accessible for registration by others. By restoring your Route 53 expired domains in a timely manner, you will regain full control over their registration.

Steps to reproduce

  1. Sign in to your AWS console.
  2. Navigate to Route 53 dashboard at: https://console.aws.amazon.com/route53/
  3. Click Registered Domains on the left navigation window, under Domains.
  4. Select the domain you want to examine.
  5. Check the domain expiration date listed next to Expires on the domain page, inside the domain name configuration section. If the domain is about to expire in the specified time frame, the vulnerability exists.
  6. Repeat the steps for each domain name currently registered with AWS Route 53.
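
The console check above can be scripted across every registered domain. The following is an added example, not the plugin's own code: it assumes boto3 and records shaped like the `route53domains` `ListDomains` response (`DomainName`, `Expiry`, `AutoRenew`); the function names and sample domains are constructed for illustration. It flags a domain inside the window regardless of its Auto Renew setting and reports that setting alongside.

```python
from datetime import datetime, timedelta, timezone

DEFAULT_WINDOW_DAYS = 30  # the default alerting window described above


def expiring_domains(domains, window_days=DEFAULT_WINDOW_DAYS, now=None):
    """Return findings for domains that expire within window_days or have already expired."""
    now = now or datetime.now(timezone.utc)
    cutoff = now + timedelta(days=window_days)
    findings = []
    for d in domains:
        expiry = d["Expiry"]
        if expiry.tzinfo is None:  # treat naive timestamps as UTC
            expiry = expiry.replace(tzinfo=timezone.utc)
        if expiry <= cutoff:
            findings.append({
                "domain": d["DomainName"],
                "days_left": (expiry - now).days,  # negative means already expired
                "auto_renew": d.get("AutoRenew", False),
            })
    return sorted(findings, key=lambda f: f["days_left"])


def fetch_registered_domains():
    """Collect all registered domains from the account (needs AWS credentials)."""
    import boto3  # imported lazily so expiring_domains() also runs offline
    # The Route 53 Domains API is served from us-east-1 only.
    client = boto3.client("route53domains", region_name="us-east-1")
    domains = []
    for page in client.get_paginator("list_domains").paginate():
        domains.extend(page["Domains"])
    return domains


# Constructed sample records, not real account data.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"DomainName": "example.com", "AutoRenew": False, "Expiry": datetime(2024, 1, 15, tzinfo=timezone.utc)},
    {"DomainName": "example.org", "AutoRenew": True, "Expiry": datetime(2024, 1, 31, tzinfo=timezone.utc)},
    {"DomainName": "example.net", "AutoRenew": True, "Expiry": datetime(2024, 6, 1, tzinfo=timezone.utc)},
    {"DomainName": "example.info", "AutoRenew": False, "Expiry": datetime(2023, 12, 20, tzinfo=timezone.utc)},
]

if __name__ == "__main__":
    for f in expiring_domains(SAMPLE, now=NOW):
        print(f"{f['domain']}: {f['days_left']} days left, auto renew = {f['auto_renew']}")
```

To run it against a live account, pass `fetch_registered_domains()` in place of `SAMPLE` and omit `now`.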

Steps for remediation:

Re-register the expiring domain.

  1. Sign in to your AWS console.
  2. Navigate to Route 53 dashboard at: https://console.aws.amazon.com/route53/
  3. Click Registered Domains on the left navigation window, under Domains.
  4. Select the vulnerable domain.
  5. Click Enable next to Auto Renew to enable renewal of the expiring domain. An email will be sent with the detailed steps.
  6. Repeat the steps for all vulnerable domain names currently registered with AWS Route 53.