Re: aljazeera.net domain owned.

2003-03-27 Thread Mike Tancsa


Looks like 213.30.180.218 allows unrestricted zone transfers.

> ls -d ALJAZEERA.NET.
[[213.30.180.218]]
$ORIGIN aljazeera.net.
@               15M IN SOA      ns3 dnsadmin.nav-link.net. (
                                2003032706      ; serial
                                3H              ; refresh
                                1H              ; retry
                                1W              ; expiry
                                15M )           ; minimum
                15M IN NS       ns1sa.navlink.com.
                15M IN NS       ns3
                15M IN MX       10 mail
                15M IN A        213.30.180.219
ns3             15M IN A        213.30.180.218
admin           15M IN A        213.30.180.219
synadmin        15M IN A        213.30.180.220
english         15M IN A        213.30.180.219
jazad01         15M IN A        213.30.180.220
wrc             15M IN A        213.30.180.222
jazad02         15M IN A        213.30.180.220
cm              15M IN A        213.130.180.216
syndication     15M IN A        213.30.180.220
jazad           15M IN A        213.30.180.220
mail            15M IN A        64.110.61.12
www             15M IN CNAME    @
bm              15M IN A        213.30.180.221
www1            15M IN A        213.30.180.219
www2            15M IN A        213.30.180.219
ftp             15M IN CNAME    @
stats           15M IN A        213.30.180.222
users           15M IN A        213.30.180.219
@               15M IN SOA      ns3 dnsadmin.nav-link.net. (
                                2003032706      ; serial
                                3H              ; refresh
                                1H              ; retry
                                1W              ; expiry
                                15M )           ; minimum
>

Handy to do a quick update on any servers doing recursion.

---Mike



At 03:48 PM 27/03/2003 -0600, John Palmer wrote:

Hmm - don't think so - although nothing is up there - www.aljazeera.net 
resolves to 127.0.0.1.
This is from the MYDOMAIN.COM nameservers listed as the auth for this domain:

; <<>> DiG 8.2 <<>> ns aljazeera.net @b.gtld-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUERY SECTION:
;;  aljazeera.net, type = NS, class = IN
;; ANSWER SECTION:
aljazeera.net.  2D IN NS NS4.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS1.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS2.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS3.MYDOMAIN.COM.
;; ADDITIONAL SECTION:
NS4.MYDOMAIN.COM.   2D IN A 63.251.83.74
NS1.MYDOMAIN.COM.   2D IN A 64.94.117.195
NS2.MYDOMAIN.COM.   2D IN A 216.52.121.228
NS3.MYDOMAIN.COM.   2D IN A 66.150.161.130
;; Total query time: 80 msec
;; FROM: LAIR.LION to SERVER: b.gtld-servers.net  192.33.14.30
;; WHEN: Thu Mar 27 16:38:14 2003
;; MSG SIZE  sent: 31  rcvd: 179
LAIR$ dig www.aljazeera.net @ns1.mydomain.com

; <<>> DiG 8.2 <<>> www.aljazeera.net @ns1.mydomain.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;  www.aljazeera.net, type = A, class = IN
;; ANSWER SECTION:
www.aljazeera.net.  2M IN A 127.0.0.1
;; AUTHORITY SECTION:
aljazeera.net.  2M IN NS ns1.mydomain.com.
aljazeera.net.  2M IN NS ns2.mydomain.com.
aljazeera.net.  2M IN NS ns3.mydomain.com.
aljazeera.net.  2M IN NS ns4.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com.   30M IN A 64.94.117.195
ns2.mydomain.com.   30M IN A 216.52.121.228
ns3.mydomain.com.   30M IN A 66.150.161.130
ns4.mydomain.com.   30M IN A 63.251.83.74
;; Total query time: 117 msec
;; FROM: LAIR.LION to SERVER: ns1.mydomain.com  64.94.117.195
;; WHEN: Thu Mar 27 16:38:28 2003
;; MSG SIZE  sent: 35  rcvd: 199
- Original Message -
From: "Eric Brunner-Williams in Portland Maine" <[EMAIL PROTECTED]>
To: "Sean Donelan" <[EMAIL PROTECTED]>
Cc: "Abdullah Ibn Hamad Al-Marri" <[EMAIL PROTECTED]>; 
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, March 27, 2003 15:30
Subject: Re: aljazeera.net domain owned.

>
> Earlier today I logged a disparity between the NSI web whois interface
> and t

Re: aljazeera.net domain owned.

2003-03-27 Thread John Palmer

Hmm - don't think so - although nothing is up there - www.aljazeera.net resolves to 
127.0.0.1. 
This is from the MYDOMAIN.COM nameservers listed as the auth for this domain:

; <<>> DiG 8.2 <<>> ns aljazeera.net @b.gtld-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUERY SECTION:
;;  aljazeera.net, type = NS, class = IN

;; ANSWER SECTION:
aljazeera.net.  2D IN NS NS4.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS1.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS2.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS3.MYDOMAIN.COM.

;; ADDITIONAL SECTION:
NS4.MYDOMAIN.COM.   2D IN A 63.251.83.74
NS1.MYDOMAIN.COM.   2D IN A 64.94.117.195
NS2.MYDOMAIN.COM.   2D IN A 216.52.121.228
NS3.MYDOMAIN.COM.   2D IN A 66.150.161.130

;; Total query time: 80 msec
;; FROM: LAIR.LION to SERVER: b.gtld-servers.net  192.33.14.30
;; WHEN: Thu Mar 27 16:38:14 2003
;; MSG SIZE  sent: 31  rcvd: 179

LAIR$ dig www.aljazeera.net @ns1.mydomain.com

; <<>> DiG 8.2 <<>> www.aljazeera.net @ns1.mydomain.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;  www.aljazeera.net, type = A, class = IN

;; ANSWER SECTION:
www.aljazeera.net.  2M IN A 127.0.0.1

;; AUTHORITY SECTION:
aljazeera.net.  2M IN NS ns1.mydomain.com.
aljazeera.net.  2M IN NS ns2.mydomain.com.
aljazeera.net.  2M IN NS ns3.mydomain.com.
aljazeera.net.  2M IN NS ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.   30M IN A 64.94.117.195
ns2.mydomain.com.   30M IN A 216.52.121.228
ns3.mydomain.com.   30M IN A 66.150.161.130
ns4.mydomain.com.   30M IN A 63.251.83.74

;; Total query time: 117 msec
;; FROM: LAIR.LION to SERVER: ns1.mydomain.com  64.94.117.195
;; WHEN: Thu Mar 27 16:38:28 2003
;; MSG SIZE  sent: 35  rcvd: 199

- Original Message - 
From: "Eric Brunner-Williams in Portland Maine" <[EMAIL PROTECTED]>
To: "Sean Donelan" <[EMAIL PROTECTED]>
Cc: "Abdullah Ibn Hamad Al-Marri" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Thursday, March 27, 2003 15:30
Subject: Re: aljazeera.net domain owned. 


> 
> Earlier today I logged a disparity between the NSI web whois interface
> and the whois commandline interface outputs (http://nic-iq.nic-naa.net,
> bottom of page).
> 
> I sent mail to two contacts inside Verisign, and at 4:30pm EST, the
> hijack appears to be over, at least as far as NS records are concerned.
> 
> 


Re: aljazeera.net domain owned.

2003-03-27 Thread Eric Brunner-Williams in Portland Maine

Earlier today I logged a disparity between the NSI web whois interface
and the whois commandline interface outputs (http://nic-iq.nic-naa.net,
bottom of page).

I sent mail to two contacts inside Verisign, and at 4:30pm EST, the
hijack appears to be over, at least as far as NS records are concerned.


Re: aljazeera.net domain owned.

2003-03-27 Thread Sean Donelan

On Thu, 27 Mar 2003, Abdullah Ibn Hamad Al-Marri wrote:
> aljazeera.net domain owned.
>
> Per what the Chief Editor of www.aljazeera.net told me on the phone a while
> ago the domain isn't in their control anymore.
>
> all the info got changed and they are wondering how did this happen.

Probably one of the usual methods.  Al Jazeera forgot (or the security
consultant Al Jazeera hired) to implement appropriate security controls
for their domain records, and someone forged a registry update.  This
has happened in the past to numerous other domains, such as AOL.COM,
SEX.COM and others.

There are several levels of security controls a domain name holder can
optionally use.  The default level of security is extremely low, and
easily spoofed.  The domain name holder must take steps to implement
additional security controls.  Unfortunately, relatively few domain name
holders take those additional steps, leaving their domain names
vulnerable to unauthorized updates.

It appears Al Jazeera is learning the same lessons that other highly
visible web sites, e.g. Ebay, CNN, MSNBC, Yahoo, etc, learned years ago.
If Al Jazeera doesn't have the in-house expertise to maintain its service,
I'm sure there are numerous consulting firms looking for business which
could assist them for a moderate fee.



Re: aljazeera.net domain owned.

2003-03-27 Thread Eric Brunner-Williams in Portland Maine

according to the nsi retail interface, the contacts are:

jazeera space channel tv station (account holder)
mj alaliaj7476 (administrative contact)

(they are not one of my retail or wholesale customers, and i'm not operational
as a com/net registrar, yet.)

it is simple enough for them to change the .com zone ns records for their SLD.

folks wanting to move the data from nanog to a web page, just send it to me,
i'll add it as an annex to my "what little i know about .iq" page, at
nic-iq.nic-naa.net

eric


Re: aljazeera.net domain owned.

2003-03-27 Thread Subhi S Hashwa

On Thu, Mar 27, 2003 at 07:14:13PM +0300, Abdullah Ibn Hamad Al-Marri wrote:
> Hello,
> 
> aljazeera.net domain owned.
>

from whois.crsnic.net seems the nameservers are pointing to NSx.MYDOMAIN.COM
verisign whois gives different nameservers. could it be that someone hijacked
the domain off verisign (and they fixed it) or what other possibilities could
have happened there?

-Subhi

-- 
Subhi S Hashwa *** [EMAIL PROTECTED]
---
When everything's coming your way, you're in the wrong lane.
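
The disparity discussed in this thread (the delegation returned by the gTLD servers versus the name servers the zone itself lists, plus an authoritative answer of 127.0.0.1) can be checked mechanically. The following is an added example, not part of any post in the thread; the record text is retyped from the dig and zone output quoted above, and treating the zone's own NS set as the operator's baseline is an assumption.

```python
import ipaddress
import re

# Delegation as returned by b.gtld-servers.net in the thread's dig output.
PARENT_ANSWER = """\
;; ANSWER SECTION:
aljazeera.net.  2D IN NS NS4.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS1.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS2.MYDOMAIN.COM.
aljazeera.net.  2D IN NS NS3.MYDOMAIN.COM.
"""
# Answer from the newly delegated servers, also from the thread.
AUTH_ANSWER = "www.aljazeera.net.  2M IN A 127.0.0.1\n"
# Assumption: baseline = NS set in the zone served by 213.30.180.218.
BASELINE_NS = {"ns1sa.navlink.com.", "ns3.aljazeera.net."}

RR = re.compile(r"^(\S+)\s+\S+\s+IN\s+(NS|A)\s+(\S+)\s*$", re.IGNORECASE)

def parse_records(text):
    """Yield (owner, type, rdata) from 'name TTL IN TYPE rdata' lines."""
    for line in text.splitlines():
        if line.startswith(";"):          # dig section headers and comments
            continue
        m = RR.match(line)
        if m:
            owner, rtype, rdata = m.groups()
            yield owner.lower(), rtype.upper(), rdata.lower()

def check_delegation(parent_text, baseline):
    """Return (unexpected, missing) name servers relative to the baseline."""
    seen = {rd for _, rt, rd in parse_records(parent_text) if rt == "NS"}
    return sorted(seen - baseline), sorted(baseline - seen)

def non_routable_answers(auth_text):
    """Return A records pointing at loopback, private or unspecified space."""
    findings = []
    for owner, rtype, rdata in parse_records(auth_text):
        if rtype != "A":
            continue
        try:
            ip = ipaddress.ip_address(rdata)
        except ValueError:
            continue                      # malformed rdata: not an address
        if ip.is_loopback or ip.is_private or ip.is_unspecified:
            findings.append((owner, rdata))
    return findings

if __name__ == "__main__":
    unexpected, missing = check_delegation(PARENT_ANSWER, BASELINE_NS)
    print("unexpected NS:", unexpected)
    print("missing NS:   ", missing)
    print("suspect A RRs:", non_routable_answers(AUTH_ANSWER))
```

Run on a schedule against live dig output, a non-empty "unexpected" or "missing" list is the alert condition: it means the registry delegation no longer matches what the zone operator publishes.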


aljazeera.net domain owned.

2003-03-27 Thread Abdullah Ibn Hamad Al-Marri

Hello,

aljazeera.net domain owned.

Per what the Chief Editor of www.aljazeera.net told me on the phone a while
ago the domain isn't in their control anymore.

all the info got changed and they are wondering how did this happen.

A visit to the website now would explain it all.

Thanks,

-Abdullah