TLD .ES screw up

Miguel A. Sanz. RedIRIS/CSIC miguel.sanz at rediris.es
Wed Jul 30 16:01:44 UTC 1997 


We hate to have to deal with this in public lists, but there seems to be
the only way InterNIC reacts to problems these days :-(

Top level domain .es was screw up by InterNIC in yesterday's root zone
update. They've added an unauthorized NS without our request, knowledge or
consent.

We've been trying to get InterNIC to solve the problem ASAP (as it is
affecting access to nearly 200.000 hosts under .es) sending messages
to action at internic.net, hostmaster at internic.net and a couple of their
management staff (see below) without success. We even were ingenuous enough
to try to get some techical knowledgeable person on the phone but...
first we got redirected to the IANA phone number!, second try (after
convincing the operator that InterNIC is also in charge the root zone not
only the .com .net .org domains) we had our contact data taken with the
promise of a phone back by a technician which hasn't happened yet.

So my questions now:

Does any one know a direct way to reach the InterNIC technical staff to solve
this kind of urgent problems?

Shouldn't there be a specific set up of procedures, forms and communication
channels between the managers of the root zone and the TLD managers?

Any help will be appreciated.

Miguel A. Sanz
ES-NIC

__________________           __                    ______________________
                            /_/
Miguel A. Sanz       __            __       Email: miguel.sanz at rediris.es
RedIRIS/CSIC        /_/  RedIRIS  /_/              Tel:    + 34 1 5855152
Serrano 142                __                      Fax:    + 34 1 5855146
E-28006  Madrid           /_/
SPAIN                                                 Network Manager
____________ Spanish Academic & Research Network ________________________



--- Forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" <miguel.sanz at rediris.es>

Date: Wed, 30 Jul 1997 15:05:45 +0200 (MET DST)
From: "Miguel A. Sanz. RedIRIS/CSIC" <miguel.sanz at rediris.es>
To: "David H. Holtzman" <dholtz at internic.net>
Subject: (Fwd) EMERGENCY TLD .ES
Cc: hostmaster at nic.es


Please take quick action on this and report back!

We will wait a couple more hours before escalating this to IANA and
TLD list.

Regards,

Miguel A. Sanz
ES-NIC


--- Forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC" <miguel.sanz at rediris.es>

Date: Wed, 30 Jul 1997 11:49:59 +0200 (MET DST)
From: "Miguel A. Sanz. RedIRIS/CSIC" <miguel.sanz at rediris.es>
To: hostmaster at internic.net
Subject: EMERGENCY TLD .ES
Cc: cert at rediris.es, Mark Kosters <markk at internic.net>, hostmaster at nic.es



Dear hostmaster,

I am the technical contact of the top level domain for Spain (".es").

Much to our surprise we discover yesterday that a new unauthorized NS was
popping up in everybody's caches for the ".es" zone.

At first we thought that a cache infection attack (the kind of Alternic's
against InterNIC) was taking place and spread the word that everybody in
the country upgrade to the recent versions of BIND.

However, some places running BIND-4.9.6 and 8.1.1 were also infected!!!

We the went to check InterNIC's database and ... the problem is there!!!

InterNIC has made a change in the delegation of the ".es" zone without
our request, knowledge or consent. Instead of the authorized nameservers
which are:

   SUN.REDIRIS.ES		130.206.1.2
   CHICO.REDIRIS.ES		130.206.1.3
   PRADES.CESCA.ES		192.94.163.152
   NS.EUNET.ES			193.127.1.11
   SUNIC.SUNET.SE		192.36.125.2 192.36.148.18
   NS.EU.NET			192.16.202.11
   RS0.INTERNIC.NET		198.41.0.5
   NS.UU.NET			137.39.1.3
   MUNNARI.OZ.AU		128.250.1.21 128.250.22.2

You have now:

   SUN.REDIRIS.ES		130.206.1.2
   CHICO.REDIRIS.ES		130.206.1.3
   PRADES.CESCA.ES		192.94.163.152
   LINUX2.DYCSA.ES		195.53.97.1
   SUNIC.SUNET.SE		192.36.125.2 192.36.148.18
   NS.EU.NET			192.16.202.11
   RS0.INTERNIC.NET		198.41.0.5
   NS.UU.NET			137.39.1.3

For unkown reasons an unauthorized change has been made to the root
zone and the InterNIC database. You have placed a bogus NS
LINUX2.DYCSA.ES instead of the legal one: NS.EUNET.ES !!!

Please CORRECT this as soon as possible and restart the root server.

We would also like that you open an investigation about this case
to know if this has been caused by some InterNIC's internal error
or by an intentional ill will request made by someone.

Please keep as inform about your actions to correct this error and
of the results of your internal investigation.

Regards,

Miguel A. Sanz (MAS122)
ES-NIC

__________________           __                    ______________________
                            /_/
Miguel A. Sanz       __            __       Email: miguel.sanz at rediris.es
RedIRIS/CSIC        /_/  RedIRIS  /_/              Tel:    + 34 1 5855152
Serrano 142                __                      Fax:    + 34 1 5855146
E-28006  Madrid           /_/
SPAIN                                                 Network Manager
____________ Spanish Academic & Research Network ________________________




---End of forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC"
<miguel.sanz at rediris.es>


---End of forwarded mail from "Miguel A. Sanz. RedIRIS/CSIC"
<miguel.sanz at rediris.es>

More information about the NANOG mailing list