Re: Another panix.com scenario? Hushmail this time

Not quite the same thing, it looks as though they just changed the DNS records and didn't change the actual ownership of the domain. It also seems to have been resolved quite quickly. I wonder how much of this is due to increased awareness following the panix.com issue, and how much is d

Another panix.com scenario? Hushmail this time

"Surfers trying to visit the web site of popular secure email service Hushmail were redirected to a false site early Sunday following a hacking attack. Hush Communications said hackers changed Hushmail's DNS records after "compromi

Re: ICANN on the panix.com theft

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Galvin wrote: > > > --On Saturday, March 26, 2005 4:58 PM -0500 David Lesher <[EMAIL PROTECTED]> > wrote: > >> >> ICANN Blames Melbourne IT for Panix Domain Hijacking > > > Unfortunately, the agenda for the next ICANN meeting: > >

Re: ICANN on the panix.com theft

--On Saturday, March 26, 2005 4:58 PM -0500 David Lesher <[EMAIL PROTECTED]> wrote: ICANN Blames Melbourne IT for Panix Domain Hijacking Unfortunately, the agenda for the next ICANN meeting: Still does not yet show that the SSAC

Re: ICANN on the panix.com theft

Speaking on Deep Background, the Press Secretary whispered: > I said: > > I also don't see any discussion on what ICANN was during during the .oops doing during > > hijack situation; maybe I missed that part. > > i dont believe this is icanns respo

Re: ICANN on the panix.com theft

On Sat, 26 Mar 2005, David Lesher wrote: > > > ICANN Blames Melbourne IT for Panix Domain Hijacking > > I also don't see any discussion on what ICANN was during during the > hijack situation; maybe I missed that part. i dont believe this is icanns responsibility.. it is however their responsib

Re: ICANN on the panix.com theft

o note: http://www.icann.org/correspondence/tonkin-to-cole-27jan05.htm The CEO of Melbourne IT received a call from the the CEO of panix.com on Sunday. This was referred to the legal team which informed the CEO of panix.com that Melbourne IT staff would first need to

Re: ICANN on the panix.com theft

te the plural) would be on the dock for something. MITs sins are pretty small in the grand scheme of things, and they didn't cause the race regime that was the root cause for PANIX.COM needing defense. ICANN is dorking the registry contracts for new sTLDs, and has dorked with the ccTLD contra

ICANN on the panix.com theft

ICANN Blames Melbourne IT for Panix Domain Hijacking Panix had its domain hijacked over the weekend of January 15-16. Its domain was registered with Dotster, a registrar based in Washington. By January 17, the domain had been restored. Melbourne IT has admitted that it was to blame for the inci

Re: Regarding panix.com

Steve Sobol wrote: Matthew Sullivan wrote: What sort of support would you give a not-for-profit Org such as SORBS.net or an Org such as Spamhaus.org if our domains were hijacked maliciously (or not)? Shouldn't matter, should it? No, that was my point. Regards, Mat

Re: Regarding registrar LOCK for panix.com

On Thu, 20 Jan 2005 13:18:03 +, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > I hope that the NANOG reform discussion spends a good > bit of its time on articulating a vision for the future > of a membership-based NANOG organization, and not worry > so much about past problems. > That is

Re: Regarding registrar LOCK for panix.com

> And not to forget that Panix was the 1st victim ever of a SYN attack in > Sept 1996: > http://www.panix.com/press/synattack.html > http://www.panix.com/press/synattack2.html And due to coordinated action between members of the NANOG mailing list and the FIREWALLS mailing list, within 24 hours

Re: Regarding registrar LOCK for panix.com

At 12:22 AM 20-01-05 +, Eric Brunner-Williams in Portland Maine wrote: I picked 1990 because Panix is 15 year old. And not to forget that Panix was the 1st victim ever of a SYN attack in Sept 1996: http://www.panix.com/press/synattack.html http://www.panix.com/press/synattack2.html Seems like

Re: Confirmation of receipt of the transfer request at Verisign for panix.com

ANOG. I wish that Dotster, as the losing > registrar, was as willing to discuss the hijack of panix.com as you as a > representative of the gaining registrar, Melbourne IT, have been. According to http://www.eweek.com/article2/0,1759,1751981,00.asp there were actually several other domains hi

Re: Confirmation of receipt of the transfer request at Verisign for panix.com

cuss the hijack of panix.com as you as a representative of the gaining registrar, Melbourne IT, have been. -Richard

Confirmation of receipt of the transfer request at Verisign for panix.com

005 20:40:34 -0500 From: [EMAIL PROTECTED] Message-Id: <[EMAIL PROTECTED]> To: Melbourne IT Reply-to: [EMAIL PROTECTED] Subject: Receipt of Transfer Request: PANIX.COM Transfer Request for: Domain Name: PANIX.COM Requesting Registrar: Melbourne IT, Ltd. d/b/a Internet Names Worldwide Current

RE: Regarding registrar LOCK for panix.com

Hello William, > > Stop blaming the victim! Stop blaming anybody else. > I at no stage have blamed the victim. In fact I am sincerely sorry for the damage caused to panix.com. The transfer should NEVER have been initiated. Melbourne IT has consistently acknowledged the error

Re: Regarding registrar LOCK for panix.com

Bruce Tonkin wrote: The information we have so far, indicates that it was not on Registrar LOCK at the registry at the time of the transfer. No, the information we have so far is that it *WAS* supposed to be on registrar-lock! Quoting Alexis Rosen, forwarded by TLS, Sun, 16 Jan 2005 07:08:59

Re: Regarding registrar LOCK for panix.com

Oki all, I wasn't going to discuss this because it is potentially confusing, but as we're ratholing on registrar lock ... --- Some 60 plus days after a party acquired a domain, s/he initiated an "UNLOCK" at the user interface of the operator that had arrainged to acquire this particular domain.

Date of transfer request (was: Regarding registrar LOCK for panix.com)

on 1/19/05 6:46 PM, Bruce Tonkin at [EMAIL PROTECTED] wrote: > The information we have so far, indicates that it was not on Registrar > LOCK at the registry at the time of the transfer. Bruce, It is well known that the date of transfer of the panix.com domain from Dotster to Melbourne

Regarding registrar LOCK for panix.com

> > On Wed, 19 Jan 2005, Darrell Greenwood wrote: > > customers' domains. Panix.com says its domain name was locked, and > > that despite this, it was still transferred. (r) > > I seem to recall someone saying it wasnt locked, now theyre > saying it was?

Re: Was panix.com in registrar-lock?

on 1/18/05 6:44 PM, william(at)elan.net at [EMAIL PROTECTED] wrote: > Based on last month data it did not have in registrar-lock. I believe > registrar lock for all panix domain (including panix.net, access.net) > was added on January 15th. I assume the domain panix.com is excluded

Re: Was panix.com in registrar-lock?

On Tue, 18 Jan 2005, Richard Parker wrote: > Does anyone know if the panix.com domain did, in fact, have an RRP > status of registrar-lock in the .com registry sometime before it was > hijacked? Based on last month data it did not have in registrar-lock. I believe registrar lock for

RE: Was panix.com in registrar-lock?

George DeCarlo, vice president of marketing at Dotster (Panix's registrar), is reported saying that Panix did not sign onto Dotster's domain-locking service. On a side, customer service-ish note, when the changes took effect, BulkRegister _told_ me registrar-lock was being enabled on all my d

Was panix.com in registrar-lock?

Does anyone know if the panix.com domain did, in fact, have an RRP status of registrar-lock in the .com registry sometime before it was hijacked? According to a couple of articles Panix officials insist that the panix.com domain had been registrar locked while George DeCarlo, vice president of

Re: Regarding panix.com

Matthew Sullivan wrote: What sort of support would you give a not-for-profit Org such as SORBS.net or an Org such as Spamhaus.org if our domains were hijacked maliciously (or not)? Shouldn't matter, should it? -- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steve

Re: Regarding panix.com

Bruce Tonkin wrote: Most major registrars and ICANN have direct contacts into the technical parts of Melbourne IT.I received notification from several parties via email (but I don't read email 24 hours a day). Bruce, Offlist, I have already given you some suggestions that I hope will be helpful

Re: panix.com hijacked

On Sun, 16 Jan 2005 [EMAIL PROTECTED] wrote: (Been there, done that - we had a major mail hub outage a while ago, and tried to get the word out by sending everybody a voice mail message, which our phone system vendor *said* should work. We resisted the temptation to send everybody e-m

RE: Panix.com should be back.

riginal Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > Hannigan, Martin > Sent: Sunday, January 16, 2005 11:01 PM > To: [EMAIL PROTECTED]; nanog@merit.edu > Subject: Re: Panix.com should be back. > > > > > > Thanks Fared for your a

Re: fwd: Re: [registrars] Re: panix.com hijacked

Steven M. Bellovin wrote: In message <[EMAIL PROTECTED]>, "william( at)elan.net" writes: On Sun, 16 Jan 2005, Joe Maimon wrote: Thus justifying those who load their NS and corresponding NS's A records with nice long TTL Although this wasn't a problem in this case (hijacker did not

Re: [registrars] Re: panix.com hijacked

increase the TTLs on the authoritative NS records in their own zones. For panix.com, these appear to be set to 72 hours (the non-authoritative NS records for PANIX.COM in the COM zone have 48-hour TTLs). That's provided that the panix.com authoritative NS's are seen in the cache. No

Re: [registrars] Re: panix.com hijacked

ill likely have no impact on how long NS records for delegated zones remain in caches. If panix (or anybody else) wants to increase the time that their NS records stay in caches, the way to do it is to increase the TTLs on the authoritative NS records in their own zones. For panix.com, these ap

Re: fwd: Re: [registrars] Re: panix.com hijacked

In message <[EMAIL PROTECTED]>, "william( at)elan.net" writes: > > >On Sun, 16 Jan 2005, Joe Maimon wrote: > >> Thus justifying those who load their NS and corresponding NS's A records >> with nice long TTL > >Although this wasn't a problem in this case (hijacker did not appear to >have been int

RE: Regarding panix.com

all domain name records. > > I note that Spamhaus.org is set 'CLIENT TRANSFER PROHIBITED' > and 'CLIENT UPDATE PROHIBITED' so in theory this shouldn't be > a problem, but the various earlier comments indicating that > panix.com was thought to be 'LO

Re: Regarding panix.com

Something to give thought to everyone on this list using DNSbls Bruce Tonkin wrote: I have had a few emails regarding a perception that we have limited support to deal with issues such as panix.com, so I will just set the record straight. We provide a standard first level retail customer

Re: Regarding panix.com

>[...] >We are looking at our processes to ensure that incidents such as >occurred with panix.com can be addressed more quickly within Melbourne >IT, and also checking to ensure that an appropriate number of external >people have access to the right contacts at Melbourne I

[alexis@panix.com: Panix.com- Some brief comments on the hijacking of our domain]

Alexis Rosen <[EMAIL PROTECTED]> To: nanog@merit.edu Subject: Panix.com- Some brief comments on the hijacking of our domain User-Agent: Mutt/1.4.2.1i [Please note: I tried to post this five hours ago. It didn't make it, though I resubscribed to nanog-post (and acked the confirmation che

RE: panix.com in australian press

PROTECTED] On > Behalf Of Gadi Evron > Sent: Monday, January 17, 2005 10:16 AM > To: nanog list > Subject: panix.com in australian press > > > > http://www.theage.com.au/articles/2005/01/17/1105810810053.html > && > http://www.smh.com.au/articles/2005/01/17/1105810810053.html > > Gadi.

RE: Regarding panix.com

Hello All, > > Melbourne IT restored the nameservers and contact details > associated with this name first thing this morning (Monday in > Melbourne, Australia). > > We are arranging with the previous registrar (Dotster) to > have the name transferred back. As an update, the transfer back

panix.com in australian press

http://www.theage.com.au/articles/2005/01/17/1105810810053.html && http://www.smh.com.au/articles/2005/01/17/1105810810053.html Gadi.

RE: Regarding panix.com

Hello All, I have had a few emails regarding a perception that we have limited support to deal with issues such as panix.com, so I will just set the record straight. We provide a standard first level retail customer service line 24 hours by 5.5 days. (which gives business hours service in all

Re: panix.com recovery in progress

:28 2005 > > . > > .Recovery is underway from the panix.com domain hijack. > > . > > .The root name servers now have the correct information, as does the > > .WHOIS registry. Portions of the Internet will still not be able to > > .see panix.com u

Re: Panix.com should be back.

On Sun, 16 Jan 2005, Hannigan, Martin wrote: > Thanks Fared for your assistance. Ypu are great among a bunch of helpers. The same could have been said about company you work if only it actually did something especially when it was important and when they were contacted yesterday ... > --- > M

Re: fwd: Re: [registrars] Re: panix.com hijacked

w dns data would keep it for quite long in their cache. P.S. Just in case I chose not to send this info until panix.com had been restored, but we really do need to deal with how it occurred in the first place - even short term damage is bad so we need to have policies at ICANN that do no al

Re: Panix.com should be back.

Majid Farid wrote: I see that DNS changes has been reverted http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com I have also contacted our Customer owner of ns1.ukdnsservers.co.uk [panix.com] (142.46.200.67) they have assured me they will remove the DNS config as well. Ok... can you tell

Re: Panix.com should be back.

Majid Farid wrote: I see that DNS changes has been reverted http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com I have also contacted our Customer owner of ns1.ukdnsservers.co.uk [panix.com] (142.46.200.67) they have assured me they will remove the DNS config as well. It will be

RE: Panix.com should be back.

I regret not being around earlier. -- Majid -Original Message- From: Hannigan, Martin [mailto:[EMAIL PROTECTED] Sent: Sunday, January 16, 2005 11:03 PM To: Majid Farid; 'nanog@merit.edu' Subject: Re: Panix.com should be back. Thanks Fared for your assistance. Ypu are gre

Re: Panix.com should be back.

Thanks Fared for your assistance. Ypu are great among a bunch of helpers. Cheers, -M --- Martin Hannigan [EMAIL PROTECTED] Verisign, Inc. -Original Message- From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> To: nanog list Sent: Sun Jan 16 19:57:54 2005 Subject: Panix.com should b

Re: Panix.com should be back.

Thanks Fared for your assistance. Ypu are great among a bun --- Martin Hannigan [EMAIL PROTECTED] Verisign, Inc. -Original Message- From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> To: nanog list Sent: Sun Jan 16 19:57:54 2005 Subject: Panix.com should be back. I see that DNS c

Panix.com should be back.

I see that DNS changes has been reverted http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com I have also contacted our Customer owner of ns1.ukdnsservers.co.uk [panix.com] (142.46.200.67) they have assured me they will remove the DNS config as well. Sorry for the last response I was

Re: Regarding panix.com

On Mon, 17 Jan 2005 10:52:11 +1100 "Bruce Tonkin" <[EMAIL PROTECTED]> wrote: > In this case one of the parties was an ISP in the United Kingdom, > which is a reseller of Melbourne IT. I find it interesting that you assert that the ISP/reseller was in the United Kingdom. Our investigations estab

Re: Regarding panix.com

Bruce Tonkin wrote: Hello All, Melbourne IT restored the nameservers and contact details associated with this name first thing this morning (Monday in Melbourne, Australia). And the lack of response on a weekend is completely inappropriate. I'm glad you finally decided to do something, but there i

Regarding panix.com

Hello All, Melbourne IT restored the nameservers and contact details associated with this name first thing this morning (Monday in Melbourne, Australia). We are arranging with the previous registrar (Dotster) to have the name transferred back. We are also investigating the chain of events that

Re: panix.com recovery in progress

On Sun, 16 Jan 2005 23:12:10 +, Thor Lancelot Simon wrote: > I have just spoken to the tremendously tired and overworked ops > staff at Panix again. They would appreciate it very much if > network operators would reload their nameservers to help the good > data for panix.com pr

Re: panix.com recovery in progress

On Sun, Jan 16, 2005 at 06:01:35PM -0500, Henry Yen wrote: > > The latest shell host motd's: > > . Hijack recovery underway (elr) Sun Jan 16 17:43:28 2005 > . > .Recovery is underway from the panix.com domain hijack. > . > .The root name servers now hav

panix.com recovery in progress

The latest shell host motd's: . Hijack recovery underway (elr) Sun Jan 16 17:43:28 2005 . .Recovery is underway from the panix.com domain hijack. . .The root name servers now have the correct information, as does the .WHOIS registry. Portions of the Internet will still n

Re: panix.com

Williams in Portland Maine > [mailto:[EMAIL PROTECTED] > Sent: Sunday, 16 January 2005 10:49 AM > To: Bruce Tonkin > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: panix.com > > Bruce, > > Steve just sent this note to NANOG. > > panix.com has apparently bee

Re: panix.com hijacked

serious trouble because of very obvious fraud, and waiting a few days isn't really something he can afford to do. (If you look at the whois records now in place for panix.com they're pretty clearly the result of fraudulent activity. There is a pretty clear attempt there to maximally obscure who h

Re: panix.com hijacked (VeriSign refuses to help)

On Sun, 16 Jan 2005, Alexei Roudnev wrote: > What happen if someone stole 'aol.com'domain tomorrow? Or 'microsoft.com'? > How much damage will be done until this sleeping behemots wake up, set up a > meeting (in Tuesday I believe - because Monday is a holiday), make any > decision, open a toicket

Re: fwd: Re: [registrars] Re: panix.com hijacked

some caching servers in my neighborhood reveals that some of them return "old/correct" A RRs for panix.com at this time. presumably they have cached ns records from before the switch in the com tld zone. Thus justifying those who load their NS and corresponding NS's A records

Re: fwd: Re: [registrars] Re: panix.com hijacked

On 16 Jan 2005 at 10:25, Lou Katz wrote: > Is there anything that us folks out in the peanut gallery can > do to help, other than locally serving the panix.net zone > for panix.com? > -- > -=[L]=- actually this is amazingly helpful. in fact encouraging more ISPs to do th

Re: fwd: Re: [registrars] Re: panix.com hijacked

low is pretty confused, as from here (Michigan via Merit) the >> DNS has pointed to different places since yesterday. > >A quick survey of some caching servers in my neighborhood reveals that >some of them return "old/correct" A RRs for panix.com at this time. presumably they hav

Re: fwd: Re: [registrars] Re: panix.com hijacked

Don't panic ? ;) Lou Katz wrote: Is there anything that us folks out in the peanut gallery can do to help, other than locally serving the panix.net zone for panix.com?

Re: fwd: Re: [registrars] Re: panix.com hijacked

On 16.01 10:25, Lou Katz wrote: > > > Is there anything that us folks out in the peanut gallery can > do to help, other than locally serving the panix.net zone > for panix.com? Avoid being caught by an IPR lawyer while helping; ;-) Then organise operators to insert operational

Re: fwd: Re: [registrars] Re: panix.com hijacked

Is there anything that us folks out in the peanut gallery can do to help, other than locally serving the panix.net zone for panix.com? -- -=[L]=-

Re: fwd: Re: [registrars] Re: panix.com hijacked

y of some caching servers in my neighborhood reveals that some of them return "old/correct" A RRs for panix.com at this time. Following the DNS delegation chain from the root name servers provides "new/hijacked" answers at this time. So I assume some operators of caching server

Re: fwd: Re: [registrars] Re: panix.com hijacked

Eric Brunner-Williams in Portland Maine wrote: ... I'm particularly enamored by Ross' notion of what is going on on NANOG. --- Forwarded Message From: "Ross Wm. Rader" <[EMAIL PROTECTED]> I don't see what you are looking at - .net and .com point to the same place with no indication of anyth

Re: panix.com hijacked (VeriSign refuses to help)

On 16.01 16:34, Hank Nussbacher wrote: > > On Sun, 16 Jan 2005, Eric Brunner-Williams in Portland Maine wrote: > > One could almost think this hijack was timed to the release of the ICANN > "Requests Public Comments on Experiences with Inter-Registrar Transfer > Policy" from Jan 12: > http://www

Re: panix.com hijacked (VeriSign refuses to help)

On 16.01 16:34, Hank Nussbacher wrote: > > On Sun, 16 Jan 2005, Eric Brunner-Williams in Portland Maine wrote: > > One could almost think this hijack was timed to the release of the ICANN > "Requests Public Comments on Experiences with Inter-Registrar Transfer > Policy" from Jan 12: > http://www

fwd: Re: [registrars] Re: panix.com hijacked

rbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Mark Jeftovic <[EMAIL PROTECTED]> CC: Registrars Constituency <[EMAIL PROTECTED]> Subject: Re: [registrars] Re: panix.com hijacked References: <[EMAIL PROTECTED]> In-Reply-To: <[EMAIL PROTECTED]>

Re: panix.com hijacked (VeriSign refuses to help)

> > > > > > I addition, there is a good rule for such situations: > > - first, return everything to _previous_ state; > > - having it fixed in previous state, allow time for laywers, disputes and > so > > on to resolve a problem. > > agreed. but then proverbially, "common sense isn't". > > > What

Re: panix.com hijacked (VeriSign refuses to help)

On Sun, 16 Jan 2005, Eric Brunner-Williams in Portland Maine wrote: One could almost think this hijack was timed to the release of the ICANN "Requests Public Comments on Experiences with Inter-Registrar Transfer Policy" from Jan 12: http://www.icann.org/announcements/announcement-12jan05.htm -Ha

Re: panix.com hijacked (VeriSign refuses to help)

Oki all, Its dawn in Maine, the caffine delivery system has only just started, but I'll comment on the overnight. You're welcome [EMAIL PROTECTED] If you'll send me the cell phone number for the MIT managment I will call wearing my registrar hat and inform whoever I end up speaking with that Bru

RE: seed resolvers? Re: panix.com hijacked (VeriSign refuses to help)

] [mailto:[EMAIL PROTECTED] On Behalf Of Petra Zeidler Sent: Sunday, January 16, 2005 6:28 AM To: nanog@merit.edu Subject: seed resolvers? Re: panix.com hijacked (VeriSign refuses to help) Hi, Thus wrote Alexei Roudnev ([EMAIL PROTECTED]): > What happen if someone stole 'aol.com'domai

seed resolvers? Re: panix.com hijacked (VeriSign refuses to help)

his case b) do it on their resolvers c) the panix.com people want that to happen in the first place? regards, Petra Zeidler

Re: panix.com hijacked (VeriSign refuses to help)

--On Sunday, January 16, 2005 07:40 + Thor Lancelot Simon <[EMAIL PROTECTED]> wrote: The purported current admin contact appears to be a couple in Las Vegas who are probably the victims of a joe job. A little searching will reveal that people by that name really *do* live at the address giv

Re: panix.com hijacked

Hi! So let's see.. the users will see this when they log into shell.panix.net (since shell.panix.com is borked).. Somehow, that doesn't seem to help much.. and the hijackers could be, potentially, running a box pretending to be shell.panix.com, gathering userids and passwds :( Or put up a pop serv

Re: panix.com hijacked (VeriSign refuses to help)

- Original Message - From: "Alexei Roudnev" <[EMAIL PROTECTED]> To: "William Allen Simpson" <[EMAIL PROTECTED]>; Sent: Sunday, January 16, 2005 4:07 AM Subject: Re: panix.com hijacked (VeriSign refuses to help) > > I addition, there is a go

Re: panix.com hijacked (VeriSign refuses to help)

- Original Message - From: "William Allen Simpson" <[EMAIL PROTECTED]> To: Sent: Sunday, January 16, 2005 12:38 AM Subject: Re: panix.com hijacked (VeriSign refuses to help) > > Since folks have been working on this for hours, and according to > posts on NANOG, b

Re: panix.com hijacked (VeriSign refuses to help)

arget. Think of the damage from harvesting <>logins and mail passwords of panix users. === Does somebody have a fast DNS server that can AXFR the records from those 2 name servers, then fix the panix.com entries? Are people willing to announce some replacement servers as /32 BGP? Sort of a

Re: panix.com hijacked (VeriSign refuses to help)

- Original Message - From: "Thor Lancelot Simon" <[EMAIL PROTECTED]> To: "Paul G" <[EMAIL PROTECTED]> Cc: Sent: Sunday, January 16, 2005 2:40 AM Subject: Re: panix.com hijacked (VeriSign refuses to help) --- snip --- > I don't know if these ar

Re: panix.com hijacked (VeriSign refuses to help)

On Sun, Jan 16, 2005 at 02:22:59AM -0500, Paul G wrote: > > > - Original Message - > From: "Thor Lancelot Simon" <[EMAIL PROTECTED]> > To: > Sent: Sunday, January 16, 2005 2:04 AM > Subject: Re: panix.com hijacked (VeriSign refuses to help) >

Re: panix.com hijacked (VeriSign refuses to help)

- Original Message - From: "Thor Lancelot Simon" <[EMAIL PROTECTED]> To: Sent: Sunday, January 16, 2005 2:04 AM Subject: Re: panix.com hijacked (VeriSign refuses to help) > > Alexis Rosen tried to send this to NANOG earlier this evening but it > lo

Re: panix.com hijacked

Apologies for what may be another duplicate message, probably with broken threading. This is Alexis Rosen's original posting to this thread; we think the mail chaos caused by the hijacking of panix.com kept it from ever reaching the list (but, flying mostly-blind, we aren't sure).

Re: panix.com hijacked

On Sun, 16 Jan 2005 [EMAIL PROTECTED] wrote: > On Sun, 16 Jan 2005 01:32:46 EST, Henry Yen said: > > > from panix shell hosts motd: > > > > . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005 > > So let's see.. the users will see this when the

Re: panix.com hijacked (VeriSign refuses to help)

Alexis Rosen tried to send this to NANOG earlier this evening but it looks like it never made it. Apologies if it's a duplicate; we're both reduced to reading the list via the web interface since the legitimate addresses for panix.com have now timed out of most folks' names

Re: panix.com hijacked

On Sun, 16 Jan 2005 01:32:46 EST, Henry Yen said: > from panix shell hosts motd: > > . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005 So let's see.. the users will see this when they log into shell.panix.net (since shell.panix.com is borked).. Somehow, that d

Re: panix.com hijacked

: . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005 . .Until we resolve the issue of the domain "panix.com", we have set up .the domain "panix.net" to include the same names and addresses as ."panix.com". . .You may use this as a tem

Re: panix.com hijacked

On Sat, 15 Jan 2005 22:05:47 -0600 "Chris Adams" <[EMAIL PROTECTED]> wrote: > I do know that we've had hosting customers that have had domains with > melbourneit.com as the registrar that they were unable to ever transfer > to another registrar (despite emails, faxes, and phone calls; IIRC one >

Re: panix.com hijacked

hat dotster says they have no record of anything > resembling this request.... > Anyone happen to know if panix.com had their registrar-lock set when this happened? -mark -- Mark Jeftovic <[EMAIL PROTECTED]> Co-founder, easyDNS Technologies Inc. ph. +1-(416)-535-8672 ext 225 fx. +1-(416)-535-0237

Re: panix.com hijacked

really something he can afford to do. (If you look at the whois > records now in place for panix.com they're pretty clearly the result > of fraudulent activity. There is a pretty clear attempt there to > maximally obscure who has stolen the domain name -- this is clearly > no

Re: panix.com hijacked

they would not do anything about the problem until Monday their time. Alexis is a bit on the upset side, naturally -- his company is in serious trouble because of very obvious fraud, and waiting a few days isn't really something he can afford to do. (If you look at the whois records now in place

Re: panix.com hijacked

In message <[EMAIL PROTECTED]>, Eric Brunner-Williams in Portland Maine writes: > > >> If I were Panix ... > >Free advice. Bruce, Cliff and Chuck are people. Yes, even Chuck is a people. >You want prompt service, you ask nice and you ask the right people and you >don't assume there are facts not

Re: panix.com hijacked

> If I were Panix ... Free advice. Bruce, Cliff and Chuck are people. Yes, even Chuck is a people. You want prompt service, you ask nice and you ask the right people and you don't assume there are facts not in evidence, like errors or malfeasence, when you could be solving the problem, before th

Re: panix.com hijacked

Once upon a time, Robert Kryger <[EMAIL PROTECTED]> said: > On Sat, 15 Jan 2005, Chris Adams wrote: > >Good luck dealing with melbourneit.com; that's the place where domains > >go to die. > > Can you be a little more specific? > You imply that you have experience or anecdotes about this outfit an

Re: panix.com hijacked

I've forwared to Bruce Tonkin, who I know personally, at MIT, and Cliff Page, who I don't know as well, at Dotster, Steve's note. These are the RC reps for each registrar.

Re: panix.com hijacked

On Sat, 15 Jan 2005, Mark Jeftovic wrote: > > Once upon a time, Steven M. Bellovin <[EMAIL PROTECTED]> said: > > > panix.com has apparently been hijacked. It's now associated with a > > > different registrar -- melbourneit instead of dotster -- and a > &g

Re: panix.com hijacked

On Sat, Jan 15, 2005 at 10:27:31PM -0500, Steven M. Bellovin wrote: > > panix.com has apparently been hijacked. It's now associated with a > different registrar -- melbourneit instead of dotster -- and a > different owner. Can anyone suggest appropriate people to contact

Re: panix.com hijacked

Mark Jeftovic <[EMAIL PROTECTED]> writes: >> Once upon a time, Steven M. Bellovin <[EMAIL PROTECTED]> said: >> > panix.com has apparently been hijacked. It's now associated with a >> > different registrar -- melbourneit instead of dotster -- and a

Re: panix.com hijacked

On Sat, 15 Jan 2005, Chris Adams wrote: > > Once upon a time, Steven M. Bellovin <[EMAIL PROTECTED]> said: > > panix.com has apparently been hijacked. It's now associated with a > > different registrar -- melbourneit instead of dotster -- and a > > d

  1   2   >