North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: aljazeera.net domain owned.
- From: Mike Tancsa
- Date: Thu Mar 27 17:05:00 2003
Looks like 213.30.180.218 allows unrestricted zone transfers.
> ls -d ALJAZEERA.NET.
[[213.30.180.218]]
$ORIGIN aljazeera.net.
@ 15M IN SOA ns3 dnsadmin.nav-link.net. (
2003032706 ; serial
3H ; refresh
1H ; retry
1W ; expiry
15M ) ; minimum
15M IN NS ns1sa.navlink.com.
15M IN NS ns3
15M IN MX 10 mail
15M IN A 213.30.180.219
ns3 15M IN A 213.30.180.218
admin 15M IN A 213.30.180.219
synadmin 15M IN A 213.30.180.220
english 15M IN A 213.30.180.219
jazad01 15M IN A 213.30.180.220
wrc 15M IN A 213.30.180.222
jazad02 15M IN A 213.30.180.220
cm 15M IN A 213.130.180.216
syndication 15M IN A 213.30.180.220
jazad 15M IN A 213.30.180.220
mail 15M IN A 64.110.61.12
www 15M IN CNAME @
bm 15M IN A 213.30.180.221
www1 15M IN A 213.30.180.219
www2 15M IN A 213.30.180.219
ftp 15M IN CNAME @
stats 15M IN A 213.30.180.222
users 15M IN A 213.30.180.219
@ 15M IN SOA ns3 dnsadmin.nav-link.net. (
2003032706 ; serial
3H ; refresh
1H ; retry
1W ; expiry
15M ) ; minimum
>
Handy to do a quick update on any servers doing recursion.
---Mike
At 03:48 PM 27/03/2003 -0600, John Palmer wrote:
Hmm - don't think so - although nothing is up there - www.aljazeera.net
resolves to 127.0.0.1.
This is from the MYDOMAIN.COM nameservers listed as the auth for this domain:
; <<>> DiG 8.2 <<>> ns aljazeera.net @b.gtld-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUERY SECTION:
;; aljazeera.net, type = NS, class = IN
;; ANSWER SECTION:
aljazeera.net. 2D IN NS NS4.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS1.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS2.MYDOMAIN.COM.
aljazeera.net. 2D IN NS NS3.MYDOMAIN.COM.
;; ADDITIONAL SECTION:
NS4.MYDOMAIN.COM. 2D IN A 63.251.83.74
NS1.MYDOMAIN.COM. 2D IN A 64.94.117.195
NS2.MYDOMAIN.COM. 2D IN A 216.52.121.228
NS3.MYDOMAIN.COM. 2D IN A 66.150.161.130
;; Total query time: 80 msec
;; FROM: LAIR.LION to SERVER: b.gtld-servers.net 192.33.14.30
;; WHEN: Thu Mar 27 16:38:14 2003
;; MSG SIZE sent: 31 rcvd: 179
LAIR$ dig www.aljazeera.net @ns1.mydomain.com
; <<>> DiG 8.2 <<>> www.aljazeera.net @ns1.mydomain.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;; www.aljazeera.net, type = A, class = IN
;; ANSWER SECTION:
www.aljazeera.net. 2M IN A 127.0.0.1
;; AUTHORITY SECTION:
aljazeera.net. 2M IN NS ns1.mydomain.com.
aljazeera.net. 2M IN NS ns2.mydomain.com.
aljazeera.net. 2M IN NS ns3.mydomain.com.
aljazeera.net. 2M IN NS ns4.mydomain.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com. 30M IN A 64.94.117.195
ns2.mydomain.com. 30M IN A 216.52.121.228
ns3.mydomain.com. 30M IN A 66.150.161.130
ns4.mydomain.com. 30M IN A 63.251.83.74
;; Total query time: 117 msec
;; FROM: LAIR.LION to SERVER: ns1.mydomain.com 64.94.117.195
;; WHEN: Thu Mar 27 16:38:28 2003
;; MSG SIZE sent: 35 rcvd: 199
----- Original Message -----
From: "Eric Brunner-Williams in Portland Maine" <[email protected]>
To: "Sean Donelan" <[email protected]>
Cc: "Abdullah Ibn Hamad Al-Marri" <[email protected]>;
<[email protected]>; <[email protected]>
Sent: Thursday, March 27, 2003 15:30
Subject: Re: aljazeera.net domain owned.
>
> Earlier today I logged a disparity between the NSI web whois interface
> and the whois commandline interface outputs (http://nic-iq.nic-naa.net,
> bottom of page).
>
> I sent mail to two contacts inside Verisign, and at 4:30pm EST, the
> hijack appears to be over, at least as far as NS records are concerned.
>
>
|