|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: TLD .ES screw up
Hello- Actually, from looking at your record, I would guess that instead of an unauthorized modification of your tld, a (perhaps unauthorized) modification of one of the servers has occured: A whois on NS.EUNET.ES comes back with "No match," but a WAIS on NS6265-HST (the NIChandle for LINUX2.DYCSA.ES) shows: [No name] (NS6265-HST) Hostname: NS.EUNET.ES Address: 193.127.1.11 System: ? running ? Record last updated on 21-Feb-96. If you call and talk to someone and tell them that NS6265-HST has been updated without authorization, maybe you will get a better response. The new IP and hostname probably just took a while to propogate and start causing you problems. (It was modified on 17-Jul.) Otherwise you are probably getting someone in the call center who is looking at the NIC database record for .ES and saying "I see that this record has not been modified for over a year" and thinking you are just mistaken. I am not saying that inaction in the face of a TLD problem is not bad, but giving the NIC a more tracable problem should/may result in quicker resolution of your problem. Hopefully you have gotten a reply from the NIC by now and my message is just superflous! Hope this helps, Sarah > We hate to have to deal with this in public lists, but there seems to be > the only way InterNIC reacts to problems these days :-( > > Top level domain .es was screw up by InterNIC in yesterday's root zone > update. They've added an unauthorized NS without our request, knowledge or > consent. > > We've been trying to get InterNIC to solve the problem ASAP (as it is > affecting access to nearly 200.000 hosts under .es) sending messages > to [email protected], [email protected] and a couple of their > management staff (see below) without success. We even were ingenuous enough > to try to get some techical knowledgeable person on the phone but... > first we got redirected to the IANA phone number!, second try (after > convincing the operator that InterNIC is also in charge the root zone not > only the .com .net .org domains) we had our contact data taken with the > promise of a phone back by a technician which hasn't happened yet. > > So my questions now: > > Does any one know a direct way to reach the InterNIC technical staff to solve > this kind of urgent problems? > > Shouldn't there be a specific set up of procedures, forms and communication > channels between the managers of the root zone and the TLD managers? > > Any help will be appreciated. > > Miguel A. Sanz > ES-NIC > > __________________ __ ______________________ > /_/ > Miguel A. Sanz __ __ Email: [email protected] > RedIRIS/CSIC /_/ RedIRIS /_/ Tel: + 34 1 5855152 > Serrano 142 __ Fax: + 34 1 5855146 > E-28006 Madrid /_/ > SPAIN Network Manager > ____________ Spanish Academic & Research Network ________________________ > > > > --- Forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" <[email protected]> > > Date: Wed, 30 Jul 1997 15:05:45 +0200 (MET DST) > From: "Miguel A. Sanz. RedIRIS/CSIC" <[email protected]> > To: "David H. Holtzman" <[email protected]> > Subject: (Fwd) EMERGENCY TLD .ES > Cc: [email protected] > > > Please take quick action on this and report back! > > We will wait a couple more hours before escalating this to IANA and > TLD list. > > Regards, > > Miguel A. Sanz > ES-NIC > > > --- Forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" <[email protected]> > > Date: Wed, 30 Jul 1997 11:49:59 +0200 (MET DST) > From: "Miguel A. Sanz. RedIRIS/CSIC" <[email protected]> > To: [email protected] > Subject: EMERGENCY TLD .ES > Cc: [email protected], Mark Kosters <[email protected]>, [email protected] > > > > Dear hostmaster, > > I am the technical contact of the top level domain for Spain (".es"). > > Much to our surprise we discover yesterday that a new unauthorized NS was > popping up in everybody's caches for the ".es" zone. > > At first we thought that a cache infection attack (the kind of Alternic's > against InterNIC) was taking place and spread the word that everybody in > the country upgrade to the recent versions of BIND. > > However, some places running BIND-4.9.6 and 8.1.1 were also infected!!! > > We the went to check InterNIC's database and ... the problem is there!!! > > InterNIC has made a change in the delegation of the ".es" zone without > our request, knowledge or consent. Instead of the authorized nameservers > which are: > > SUN.REDIRIS.ES 130.206.1.2 > CHICO.REDIRIS.ES 130.206.1.3 > PRADES.CESCA.ES 192.94.163.152 > NS.EUNET.ES 193.127.1.11 > SUNIC.SUNET.SE 192.36.125.2 192.36.148.18 > NS.EU.NET 192.16.202.11 > RS0.INTERNIC.NET 198.41.0.5 > NS.UU.NET 137.39.1.3 > MUNNARI.OZ.AU 128.250.1.21 128.250.22.2 > > You have now: > > SUN.REDIRIS.ES 130.206.1.2 > CHICO.REDIRIS.ES 130.206.1.3 > PRADES.CESCA.ES 192.94.163.152 > LINUX2.DYCSA.ES 195.53.97.1 > SUNIC.SUNET.SE 192.36.125.2 192.36.148.18 > NS.EU.NET 192.16.202.11 > RS0.INTERNIC.NET 198.41.0.5 > NS.UU.NET 137.39.1.3 > > For unkown reasons an unauthorized change has been made to the root > zone and the InterNIC database. You have placed a bogus NS > LINUX2.DYCSA.ES instead of the legal one: NS.EUNET.ES !!! > > Please CORRECT this as soon as possible and restart the root server. > > We would also like that you open an investigation about this case > to know if this has been caused by some InterNIC's internal error > or by an intentional ill will request made by someone. > > Please keep as inform about your actions to correct this error and > of the results of your internal investigation. > > Regards, > > Miguel A. Sanz (MAS122) > ES-NIC > > __________________ __ ______________________ > /_/ > Miguel A. Sanz __ __ Email: [email protected] > RedIRIS/CSIC /_/ RedIRIS /_/ Tel: + 34 1 5855152 > Serrano 142 __ Fax: + 34 1 5855146 > E-28006 Madrid /_/ > SPAIN Network Manager > ____________ Spanish Academic & Research Network ________________________ > > > > > ---End of forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" > <[email protected]> > > > ---End of forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" > <[email protected]> >
|