Re: Bell Canada contact - need help with DNS issue

2016-11-24 Thread Rich Lafferty 
dnsadmin@ is no longer, but I was able to get a ticket past the 
front-line business support to an _incredibly_ helpful enterprise-level 
support desk who figured out what was going on and paged (!) their DNS 
team to intervene.


I figured that the depths of Bell Canada were innavigable but we managed 
to get a resolution a day sooner than a TTL.


  -Rich

Paul Stewart <mailto:p...@paulstewart.org>
November 22, 2016 at 11:37 AM
Try dnsad...@bell.ca <mailto:dnsad...@bell.ca> ?  I haven’t used that 
address in quite some time but someone did respond to it some time ago


Paul


Rich Lafferty <mailto:r...@lafferty.ca>
November 19, 2016 at 11:13 AM
Hi,

Does anyone have a NOC or DNS administrator contact at Bell Canada? 
Their Toronto nameservers are returning SERVFAIL for our domain 
freshbooks.com since a general Bell DNS issue midday yesterday.



$ dig freshbooks.com @207.164.234.129

; <<>> DiG 9.8.3-P1 <<>> freshbooks.com @207.164.234.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54893
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;freshbooks.com. IN A

;; Query time: 305 msec
;; SERVER: 207.164.234.129#53(207.164.234.129)
;; WHEN: Sat Nov 19 10:44:59 2016
;; MSG SIZE rcvd: 32


No-one outside Bell is reporting issues, and other domains (ours or 
otherwise) are fine on Bell’s name servers.


Thanks,

-Rich

Bell Canada contact - need help with DNS issue

2016-11-19 Thread Rich Lafferty 

Hi,

Does anyone have a NOC or DNS administrator contact at Bell Canada? Their 
Toronto nameservers are returning SERVFAIL for our domain freshbooks.com since 
a general Bell DNS issue midday yesterday.


$ dig freshbooks.com @207.164.234.129

; <<>> DiG 9.8.3-P1 <<>> freshbooks.com @207.164.234.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54893
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;freshbooks.com.IN  A

;; Query time: 305 msec
;; SERVER: 207.164.234.129#53(207.164.234.129)
;; WHEN: Sat Nov 19 10:44:59 2016
;; MSG SIZE  rcvd: 32


No-one outside Bell is reporting issues, and other domains (ours or otherwise) 
are fine on Bell’s name servers.

Thanks,

  -Rich

-- 
Rich Lafferty
Director of IT, FreshBooks - r...@freshbooks.com
http://www.freshbooks.com/
Toll-free: (866) 303-6061  
Phone: (416) 780-2700 x233

Re: starwars.com subdomain hijacked?

2010-11-30 Thread Rich Lafferty 
Novator (Canadian web-shopping company, used to be FTD's big partner) is 
responsible for shop.starwars.com so I think all that's happened here is 
Novator forgot to renew a domain.

domainsatcost.ca is rebel.com is Momentous.ca and they own 
yourdomainhasexpired.com.

 -Rich


On 22 Nov 10, at 12:19 PM, Matt Disuko wrote:

 
 I'm surprised by the sequence of events here..
 
 domain novator2.com is registered with DomainsAtCost.ca.
 
 domain novator2.com expires...
 
 gets picked up by the administrators of yourdomainhasexpired.com - 
 Rebel.com?  1550507.ca?
 
 ;; ANSWER SECTION:
 shop.starwars.com.  1655IN  CNAME   shop.starwars.novator2.com.
 shop.starwars.novator2.com. 1655 IN A   74.54.152.75
 
 ;; AUTHORITY SECTION:
 novator2.com.   160201  IN  NS  dns2.yourdomainhasexpired.com.
 novator2.com.   160201  IN  NS  dns.yourdomainhasexpired.com.
 
 Redir'd to a advert site, instead of a default DomainsAtCost.ca holding 
 page or...nowhere.
 
 Apparently quickly renewed and given back to the original owners.
 
 Who's at play here?  Does DomainsAtCost have a deal with Rebel.com?  Or are 
 they the same company?
 
 It all seems fishy to me.  Is this normal practice?
 
 
 
 Date: Mon, 22 Nov 2010 12:05:21 -0500
 From: k...@sizone.org
 To: nanog@nanog.org
 Subject: Re: starwars.com subdomain hijacked?
 
 
 On Mon, Nov 22, 2010 at 08:49:48AM -0800, Wil Schultz said:
 Appears that it's a CNAME for shop.starwars.novator2.com. 
 
 The expiry day is 11/22/2011, so if I were to guess I would think that the 
 domain expired, sent to an advert page, and was just renewed.
 
 -wil
 
 Smartest attack is to put up a page that looks exactly the same as the
 legit site, but with your own cheaper crappier knockoff starwars paraphenalia
 ('duke', 'tewey', 'princess luba') that you sell instead and make the huge
 profits.
 
 Not to give anyone any ideas that werent obvious like 15 years ago.
 
 How anyone can tell the internet is legit at a glance is beyond me. Need
 to hookup firefox's security warning to my speakers to get a modicum of
 alert that SSL is busted, to start, nevermind anything more creative.
 
 That phishers manage to fake sites that look wrong is also beyond me, what's
 so hard about 'save page as'?
 
 /kc
 -- 
 Ken Chase - k...@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA
 Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 
 Front St. W.
 
 

-- 
Rich Lafferty
r...@lafferty.ca