Since folks have been working on this for hours, and according to
posts on NANOG, both MelbourneIT and Verisign refuse to do anything
for days or weeks, would it be a good time to take drastic action?
Think of what we'd do about a larger ISP, or the Well, or really any
serious financial target.
I addition, there is a good rule for such situations:
- first, return everything to _previous_ state;
- having it fixed in previous state, allow time for laywers, disputes and so
on to resolve a problem.
It makes VeriSign position very strange (of course, it is dumb clueless
behemot as it was
- Original Message -
From: Alexei Roudnev [EMAIL PROTECTED]
To: William Allen Simpson [EMAIL PROTECTED]; nanog@merit.edu
Sent: Sunday, January 16, 2005 4:07 AM
Subject: Re: panix.com hijacked (VeriSign refuses to help)
I addition, there is a good rule for such situations:
- first,
Hi!
So let's see.. the users will see this when they log into shell.panix.net
(since shell.panix.com is borked).. Somehow, that doesn't seem to help much..
and the hijackers could be, potentially, running a box pretending to be
shell.panix.com, gathering userids and passwds :(
Or put up a pop
As much as it pains me to say, I'm sure there is a little difference when it
comes to some of the big domains.
1. It doesn't take any rocket scientist to sit back and say U... I
really don't think this is a legit move without a lot of thinking!
2. If a lawyer for AOL or MS or some really
Oki all,
Its dawn in Maine, the caffine delivery system has only just started,
but I'll comment on the overnight.
You're welcome [EMAIL PROTECTED] If you'll send me the cell phone number
for the MIT managment I will call wearing my registrar hat and inform
whoever I end up speaking with that
On Sun, 16 Jan 2005, Eric Brunner-Williams in Portland Maine wrote:
One could almost think this hijack was timed to the release of the ICANN
Requests Public Comments on Experiences with Inter-Registrar Transfer
Policy from Jan 12:
http://www.icann.org/announcements/announcement-12jan05.htm
I addition, there is a good rule for such situations:
- first, return everything to _previous_ state;
- having it fixed in previous state, allow time for laywers, disputes
and
so
on to resolve a problem.
agreed. but then proverbially, common sense isn't.
What happen if someone
Oki all,
Delivery of RC mail to me is fairly desultory. Apparently there is an
earlier thread. Post-Rome the very purpose of the RC seems to me to be
doubtful (advocacy for registrars other than NetSol+4), and post-Elana
the process of the RC left me disinterested.
I'm particularly enamored by
Gentlemen and Ladies,
I concur with the view expressed by Bob Fox (IANA-134), that the
current method only favours Verisign and crooks.
The hijacking of panix.com, and the post-hijacking response of VGRS,
which could unilaterally act, but choses not to, for its own reasons,
and MelburneIT,
Eric Brunner-Williams in Portland Maine wrote:
Gentlemen and Ladies,
I concur with the view expressed by Bob Fox (IANA-134), that the
current method only favours Verisign and crooks.
The hijacking of panix.com, and the post-hijacking response of VGRS,
which could unilaterally act, but choses not
Is there anything that us folks out in the peanut gallery can
do to help, other than locally serving the panix.net zone
for panix.com?
--
-=[L]=-
On 16.01 10:25, Lou Katz wrote:
Is there anything that us folks out in the peanut gallery can
do to help, other than locally serving the panix.net zone
for panix.com?
Avoid being caught by an IPR lawyer while helping; ;-)
Then organise operators to insert operational clue
into the
Don't panic ?
;)
Lou Katz wrote:
Is there anything that us folks out in the peanut gallery can
do to help, other than locally serving the panix.net zone
for panix.com?
On Sun, Jan 16, 2005 at 07:21:55PM +0100, Daniel Karrenberg wrote:
On 16.01 12:46, William Allen Simpson wrote:
--- Forwarded Message
From: Ross Wm. Rader [EMAIL PROTECTED]
I don't see what you are looking at - .net and .com point to the same
place with no indication of
Oki all,
I was interested in a policy I came across recently at a cctld registry.
If a domain has no (or few for some value of few) hits over some period
of time post-registration, the registry will recover the string and let
another user acquire it, and presumably actually use it. So if t =
On Wed, 12 Jan 2005 12:58:43 -0500, Hannigan, Martin
[EMAIL PROTECTED] wrote:
-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 12, 2005 12:05 PM
To: Hannigan, Martin
Cc: NANOG list
Subject: Re: Proper authentication model
On 12
On 16 Jan 2005 at 10:25, Lou Katz wrote:
Is there anything that us folks out in the peanut gallery can
do to help, other than locally serving the panix.net zone
for panix.com?
--
-=[L]=-
actually this is amazingly helpful. in fact
encouraging more ISPs to do the same thing is, IMHO,
Andrew Brown wrote:
On Sun, Jan 16, 2005 at 07:21:55PM +0100, Daniel Karrenberg wrote:
On 16.01 12:46, William Allen Simpson wrote:
--- Forwarded Message
From: Ross Wm. Rader [EMAIL PROTECTED]
I don't see what you are looking at - .net and .com point to the same
place with no
Melbourne IT invites you to participate in a survey of brand recognition.
Please let them know what the name Melbourne IT means to you.
http://www.melbourneit.com.au/survey.php?type=brandhealth
--
The past cannot be changed. The future cannot be guaranteed.
While the Association of Trustworthy ISPs idea has some merit, we've
not been too successful in self-organizing lately. ISP/C?
At the moment, I'm concerned whether we have trustworthy TLD operators.
It's been about 24 hours, it is well-known that the domain has been
hijacked, we've heard directly
[EMAIL PROTECTED] (William Allen Simpson) wrote:
While the Association of Trustworthy ISPs idea has some merit, we've
not been too successful in self-organizing lately. ISP/C?
I thought we already had built such a thing, currently covered by ICANN.
But well...life changes everything, and for
On Jan 16, 2005, at 3:31 PM, Elmar K. Bins wrote:
By chance - how is the press coverage of this incident? Has anybody
read anything in the (online) papers? Unfortunately I haven't been
able to follow the newsboards intensely this week-end, but Germany
seems very quiet about this.
Nothing in the
On Sun, 2005-01-16 at 13:31, Elmar K. Bins wrote:
By chance - how is the press coverage of this incident? Has anybody
read anything in the (online) papers? Unfortunately I haven't been
able to follow the newsboards intensely this week-end, but Germany
seems very quiet about this.
Yours,
On Sun, 16 Jan 2005, Alexei Roudnev wrote:
What happen if someone stole 'aol.com'domain tomorrow? Or 'microsoft.com'?
How much damage will be done until this sleeping behemots wake up, set up a
meeting (in Tuesday I believe - because Monday is a holiday), make any
decision, open a toicket,
Nothing like staying on the subject That's way I started a new
thread. Let's keep this separate, please.
James Edwards wrote:
On Sun, 2005-01-16 at 13:31, Elmar K. Bins wrote:
By chance - how is the press coverage of this incident? Has anybody
read anything in the (online) papers?
On 16 Jan 2005 at 21:31, Elmar K. Bins wrote:
[EMAIL PROTECTED] (William Allen Simpson) wrote:
While the Association of Trustworthy ISPs idea has some merit, we've
not been too successful in self-organizing lately. ISP/C?
I thought we already had built such a thing, currently covered
It isn't just that the root operators are silent.
On the registrar's list there has been only five items on the subject.
1 Mark Jeftovic (easydns) who is on NANOG, copying the RC list.
2 Ross Rader (tucows) who is not, blowing it off,
no delta between authoritative and
See http://www.public-root.com for an alternative to the ICANN monopoly.
Those folks are very concerned with security.
- Original Message -
From: [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Sunday, January 16, 2005 3:45 PM
Subject: Re: Association of Trustworthy Roots?
On 16 Jan
actually godaddy has been quite reponsive for me @ 3am before.
Eric Brunner-Williams in Portland Maine wrote:
Howdy Perry,
Alexis Rosen of Panix was on the phone earlier today with the company
attorney for melbourneit -- reputedly he was informed that even if the
police called, they would not do
- Original Message -
From: William Allen Simpson [EMAIL PROTECTED]
To: North American Network Operators Group nanog@merit.edu
Sent: Sunday, January 16, 2005 4:33 PM
Subject: panix hijack press
Nothing like staying on the subject That's way I started a new
thread. Let's keep
The outcome I expected when Bruce got involved.
--- Forwarded Message
From: Bruce Tonkin [EMAIL PROTECTED]
To: Eric Brunner-Williams in Portland Maine [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by nic-naa.net
The latest shell host motd's:
. Hijack recovery underway (elr) Sun Jan 16 17:43:28 2005
.
.Recovery is underway from the panix.com domain hijack.
.
.The root name servers now have the correct information, as does the
.WHOIS registry. Portions of the Internet will still not be
On Sun, Jan 16, 2005 at 06:01:35PM -0500, Henry Yen wrote:
The latest shell host motd's:
. Hijack recovery underway (elr) Sun Jan 16 17:43:28 2005
.
.Recovery is underway from the panix.com domain hijack.
.
.The root name servers now have the correct information, as does
On 16 Jan 2005 at 15:52, John Palmer (NANOG Acct) wrote:
See http://www.public-root.com for an alternative to the ICANN monopoly.
Those folks are very concerned with security.
these folks don't seem very decentralized. do you
know if they have a public mailing list? there
doesn't seem to
On Sun, 16 Jan 2005 23:12:10 +, Thor Lancelot Simon wrote:
I have just spoken to the tremendously tired and overworked ops
staff at Panix again. They would appreciate it very much if
network operators would reload their nameservers to help the good
data for panix.com propagate over the
On Sun, 16 Jan 2005, William Allen Simpson wrote:
While the Association of Trustworthy ISPs idea has some merit, we've
not been too successful in self-organizing lately. ISP/C?
At the moment, I'm concerned whether we have trustworthy TLD operators.
It's been about 24 hours, it is
Hello All,
Melbourne IT restored the nameservers and contact details associated
with this name first thing this morning (Monday in Melbourne,
Australia).
We are arranging with the previous registrar (Dotster) to have the name
transferred back.
We are also investigating the chain of events that
Bruce Tonkin wrote:
Hello All,
Melbourne IT restored the nameservers and contact details associated
with this name first thing this morning (Monday in Melbourne,
Australia).
And the lack of response on a weekend is completely inappropriate. I'm glad you
finally decided to do something, but there
Once upon a time, Christopher L. Morrow [EMAIL PROTECTED] said:
That process/procedure is in place for a good reason,
circumventing it will lead to problems in the long run. Do you circumvent
for MS, for AOL, for ATT? At what point do you draw the line? My home
business of pot painting?
If
They don't have a mailing list that is public yet. Might
be a good suggestion.
- Original Message -
From: [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Sunday, January 16, 2005 5:35 PM
Subject: Re: Association of Trustworthy Roots?
On 16 Jan 2005 at 15:52, John Palmer (NANOG Acct)
Gadi,
The question that comes to mind is - what do you do to be prepared?
Well, for a start you can put a comment into the ICANN comments on
the new xfr policy. I did earler today. Next, you can, as some today
did, decide that cache trumps authority under some conditions, and
ensure that cache
On Sun, Jan 16, 2005, Chris Adams wrote:
We're a relatively small ISP compared to many on NANOG, but we have a
24x7 on-call system with an answering service. All domain registrars
should be required to have 24x7 service.
I agree they should have 24/7 support.
Just remember that, as an
On Mon, 17 Jan 2005 10:52:11 +1100
Bruce Tonkin [EMAIL PROTECTED] wrote:
In this case one of the parties was an ISP in the United Kingdom,
which is a reseller of Melbourne IT.
I find it interesting that you assert that the ISP/reseller was in the
United Kingdom. Our investigations
On Sun, 16 Jan 2005, Christopher L. Morrow wrote:
assume Mr. Rosen and MIT do... If the proper process was started then
things look good, though unfortunately it may take some time to resolve
the problem. That process/procedure is in place for a good reason,
circumventing it will lead to
Sean,
That's the asymmetric problem with identity theft. Companies seem to
make it easier to steal the identity (24x7 transfers with 10 minute zone
file updates) than to correct the theft (only open Monday-Friday, find the
right department, fill out multiple forms, wait 2 weeks, etc).
That
On Sun, 16 Jan 2005, Eric Brunner-Williams in Portland Maine wrote:
Chris,
CORE was neither the losing nor the gaining registrar. Please acquire
context.
I did say I didn't know which part was where the 'contract problem' was...
Adrian Chadd wrote:
I agree they should have 24/7 support.
Just remember that, as an example, Melbourne IT has probably two orders
of magnitude more clients than you. A 24x7 pager service would attract
a /lot/ of Emergencies and as such they'd have to consider running
at least a muppet level call
On Sun, 16 Jan 2005, Chris Adams wrote:
Once upon a time, Christopher L. Morrow [EMAIL PROTECTED] said:
That process/procedure is in place for a good reason,
circumventing it will lead to problems in the long run. Do you circumvent
for MS, for AOL, for ATT? At what point do you draw the
Christopher L. Morrow wrote:
On Sun, 16 Jan 2005, Chris Adams wrote:
If the proper procedure was circumvented in the first place (which
appears to be the case with panix.com), then it should be circumvented
to repair the damage as fast as possible.
If it can be proven to have been
I see that DNS changes has been reverted
http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com
I have also contacted our Customer owner of ns1.ukdnsservers.co.uk
[panix.com] (142.46.200.67) they have assured me they will remove the
DNS config as well.
Sorry for the last response I was
I saw Martians this evening, just like the movie, but the country song
didn't work.
They -did- have big heads encased in glass.
Go figure.
-M
---
Martin Hannigan
[EMAIL PROTECTED]
Verisign, Inc.
-Original Message-
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To: North American
Thanks Fared for your assistance. Ypu are great among a bun
---
Martin Hannigan
[EMAIL PROTECTED]
Verisign, Inc.
-Original Message-
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To: nanog list nanog@merit.edu
Sent: Sun Jan 16 19:57:54 2005
Subject: Panix.com should be back.
I see that
Thanks Fared for your assistance. Ypu are great among a bunch of helpers.
Cheers,
-M
---
Martin Hannigan
[EMAIL PROTECTED]
Verisign, Inc.
-Original Message-
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To: nanog list nanog@merit.edu
Sent: Sun Jan 16 19:57:54 2005
Subject: Panix.com
I regret not being around earlier.
--
Majid
-Original Message-
From: Hannigan, Martin [mailto:[EMAIL PROTECTED]
Sent: Sunday, January 16, 2005 11:03 PM
To: Majid Farid; 'nanog@merit.edu'
Subject: Re: Panix.com should be back.
Thanks Fared for your assistance. Ypu are great among a
On Sun, Jan 16, 2005 at 09:57:08PM +, Eric Brunner-Williams in Portland
Maine wrote:
Gadi,
The question that comes to mind is - what do you do to be prepared?
Well, for a start you can put a comment into the ICANN comments on
the new xfr policy. I did earler today. Next, you can,
Majid Farid wrote:
I see that DNS changes has been reverted
http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com
I have also contacted our Customer owner of ns1.ukdnsservers.co.uk
[panix.com] (142.46.200.67) they have assured me they will remove the
DNS config as well.
It will be
Majid Farid wrote:
I see that DNS changes has been reverted
http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com
I have also contacted our Customer owner of ns1.ukdnsservers.co.uk
[panix.com] (142.46.200.67) they have assured me they will remove the
DNS config as well.
Ok... can you tell
On Sun, 16 Jan 2005, Joe Maimon wrote:
Thus justifying those who load their NS and corresponding NS's A records
with nice long TTL
Although this wasn't a problem in this case (hijacker did not appear to
have been interested in controlling dns since it points to default domain
registration
On Sun, 16 Jan 2005, Hannigan, Martin wrote:
Thanks Fared for your assistance. Ypu are great among a bunch of helpers.
The same could have been said about company you work if only it actually
did something especially when it was important and when they were contacted
yesterday ...
---
Just remember that, as an example, Melbourne IT has probably two orders
of magnitude more clients than you. A 24x7 pager service would attract
a /lot/ of Emergencies and as such they'd have to consider running
at least a muppet level call service outside of hours to filter
emergency requests
Joe Maimon [EMAIL PROTECTED] writes:
Or perhaps do you mean previous owners can call in a stop order or
dispute the transfer unilaterally within X days of occurence, much
like it works for many REAL money transactions?
That makes considerable sense. You should be able to call in, say
On Sun, 16 Jan 2005, Jim Shankland wrote:
Of course it's unreasonable to expect a registrar to have to
put up with such a burden during off hours: God only knows what
kind of silly calls would come in. Emergencies are best
handled in a batch during the regular work week. For the
stuff
- Original Message -
From: Steven J. Sobol [EMAIL PROTECTED]
To: Jim Shankland [EMAIL PROTECTED]
Cc: Adrian Chadd [EMAIL PROTECTED]; nanog@merit.edu
Sent: Monday, January 17, 2005 1:33 AM
Subject: Re: The entire mechanism is Wrong!
On Sun, 16 Jan 2005, Jim Shankland wrote:
Of
There is more sertious problem here.
I can image 2 kinds of transfer:
- (1) domain is transferred WITHOUT CHANGES to the new registrar. Notice -
WITHOUT CHANGES. New registrar
should not change diomain without explicit order from owner.
- (2) Domain is expired and, after reasonable HOLD period,
On Sun, 16 Jan 2005, Alexei Roudnev wrote:
If people like Melbourne IT are going to claim they can't act on
weekends, it might also be sensible not to allow transfers to be
processed between Thursday and Sunday, though honestly I think if you
are going to be a registrar, you are going
At 09:31 PM 16-01-05 +0100, Elmar K. Bins wrote:
By chance - how is the press coverage of this incident? Has anybody
read anything in the (online) papers? Unfortunately I haven't been
able to follow the newsboards intensely this week-end, but Germany
seems very quiet about this.
The longest piece:
Hello All,
I have had a few emails regarding a perception that we have limited
support to deal with issues such as panix.com, so I will just set the
record straight.
We provide a standard first level retail customer service line 24 hours
by 5.5 days. (which gives business hours service in all
68 matches
Mail list logo
