Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: panix.com hijacked (VeriSign refuses to help)

  • From: Alexei Roudnev
  • Date: Sun Jan 16 04:08:38 2005

I addition, there is a good rule for such situations:
- first, return everything to _previous_ state;
- having it fixed in previous state, allow time for laywers, disputes and so
on to resolve a problem.

It makes VeriSign position very strange (of course, it is dumb clueless
behemot as it was all the time around) - instead of saying _OK, let's return
last transactions and then you can object this change_, they just step out.
Problem is much more serious than just one stolen domain - it shows 100%
that VeriSign is not able to manage  domain system properly.

What happen if someone stole 'aol.com'domain tomorrow?  Or 'microsoft.com'?
How much damage will be done until this sleeping behemots wake up, set up a
meeting (in Tuesday I believe - because Monday is a holiday), make any
decision, open a toicket, pass thru change control and restore domain? 5
days?


----- Original Message ----- 
From: "William Allen Simpson" <wsimpson@greendragon.com>
To: <nanog@merit.edu>
Sent: Sunday, January 16, 2005 12:38 AM
Subject: Re: panix.com hijacked (VeriSign refuses to help)


>
> Since folks have been working on this for hours, and according to
> posts on NANOG, both MelbourneIT and Verisign refuse to do anything
> for days or weeks, would it be a good time to take drastic action?
>
> Think of what we'd do about a larger ISP, or the Well, or really any
> serious financial target.
>
> Think of the damage from harvesting <>logins and mail passwords of
> panix users.
>
>
>
>
>
>
>
>
>
>
> ===
>
> Does somebody have a fast DNS server that can AXFR the records from
> those 2 name servers, then fix the panix.com entries?
>
> Are people willing to announce some replacement servers as /32 BGP?
> Sort of an emergency anycast?
>
> ===
>
> Alternatively, are people willing to block those name servers and/or
> the entire blocks they are located in, to prevent the distribution of
> the false panix.com addresses?
>
> -- 
> William Allen Simpson
>     Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
>





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.