possible scam?
Jim Mercer
jim at komodo.reptiles.org
Wed Nov 3 16:19:41 UTC 1999
the following two messages were recieved by me (and more likely many others)
the author, Joe Baptista, is a known loon in the Toronto area.
i'm not sure if he has reformed or if this is some scam he is running.
Message #1
----- Forwarded message from hostmaster at pccf.net -----
Date: Wed, 3 Nov 1999 05:23:10 -0500
From: hostmaster at pccf.net
To: nic at ns.reptiles.org
Subject: hello hostmaster for SOA nic at ns.reptiles.org.
-
Hello:
--
Hello:
*******************************************************************
* ATTENTION - Our SMTP (MailServers) are being subjected to a DOS *
* (Denial of Service) Attack.
* *
* BECAUSE OF THIS ATTACK - you may receive two copies of this *
* this email. *
*******************************************************************
I am a domain administrator with Planet Communications & Computing
Facility. We are a private network research facility. I am contacting
you with respect to the BIND 1999 Survey of Internet hosts and ICANN -
the Internet Corporation for Assigned Names and Numbers.
We conduct and maintain the BIND (Berkley Internet Name Daemon) survey
databases. Over the years we have used the BIND surveys to assist the
United States Government and the Department of Defense in closing security
holes in the domain name system infrastructure.
This year we have received financial assistance which has allowed us to
conduct an extensive enumeration of internet domain name servers. You
are receiving this message because servers where you are listed as the
SOA (source of authority) have been included in the most recent BIND
data.
We would like to invite you to pickup a report from us which details all
information available on your servers as reported in the public dns
system. The report includes a number of tests results from queries made
on your name servers and provides details on the status of any failed or
passed tests. If you are running BIND versions which can be hacked, or
are insecure, those detail are reported and supporting information
provided to assist you in closing potential security holes.
A separate message has been emailed to you with instructions on how to
extract information on your servers from our databases. It's fairly
simple, all you have to do is reply to the message and keep the subject
line intact. We have emailed it with a subject header labeled
CONFIDENTIAL. In the event you may want to forward this message to
others, you can do so without inadvertently allowing access to your
database records.
We hope that you find this information of assistance. Our intention is
to fix the numerous problems encountered in the public domain name
system. This year we enumerated in excess of 200,000 name servers.
Of those 25,000 have misconfigured SOA records, 12,000 do not resolve,
62,000 are no longer operational and 22,000 can be easily hacked.
- ICANN -
In conclusion I would like to ask that you take an active role in
Internet Governance.
The United States Government has assigned control of the Internet
Domain System and Infrastructure to ICANN (The Internet Corporation
for Assigned Names and Numbers) which represents big business
interests, trademark lawyers and public telephone companys. ICANN
intends to tax domain names and the ip infrastructure. To date a
number of regulation have been imposed on internet registrars which
take away existing rights and claims to second level domain names.
As a result of these efforts, a number of organizations have started
alternate root infrastructures and intend in competing with ICANN.
This November 1-4 ICANN will be holding public meetings in Los Angeles.
If you live in or near LA, please try to attend. If you don't, you can
participate via remote. Please help us get the word out.
Information on the meeting is available at:
http://bind1999.pccf.net/resources/meetings/
Information on the people involved in what has been termed the domain
name system wars is available at:
http://bind1999.pccf.net/resources/
It is critcal to the internets future that it remain an open system. As a
domain administrator you have control over the root cache file which now
points to the United States Government (USG) root servers. If you don't
like what ICANN and the USG is doing - you have the power to switch.
A number of alternative root servers now exists to assist you in making
that choice.
Thank you for your time.
Regards
Joe Baptista, Director
Public Research
----- End forwarded message -----
Message #2
----- Forwarded message from hostmaster at pccf.net -----
Date: Wed, 3 Nov 1999 05:23:11 -0500
Message-Id: <199911031023.FAA11327 at pccf.net>
From: bind1999 at pccf.net
To: nic at ns.reptiles.org
Subject: CONFIDENTIAL @TICKET:Nn181H4N at nic@ns.reptiles.org. - ACCESS to BIND report
-
Hello:
*******************************************************************
* ATTENTION - Our SMTP (MailServers) are being subjected to a DOS *
* (Denial of Service) Attack. Please see the following URL for *
* more instructions http://bind1999.pccf.net/resources/ *
* *
* BECAUSE OF THIS ATTACK - you may receive two copies of this *
* this email. *
*******************************************************************
This message is automatically generated by the BIND (Berkeley Internet
Name Daemon) Survey maintained by Planet Communications & Computing
Facility, Ottawa, Ontario.
A message with a detailed explaination of the survey has been emailed to
you under separate email cover.
ATTENTION - WARNING - ATTENTION
This message contains details and access instructions on recovering survey
data collected by us from the public domain name system. A report of all
name servers under your SOA RR (source of authority resource record) in
which you have been listed as hostmaster.
To recover the information - you can reply to this message making sure you
keep the subject header intact, or you can email bind1999 at pccf.net with a
subject line of:
@TICKET:Nn181H4N at nic@ns.reptiles.org.
Please include the entire ticket - including ending period.
Please make sure you delete the body of the message, so you don't
confuse our mailers.
Please note, it may take up to 24 hours for the system to compile your
report. We are currently experiencing a denial of service attack
which has delayed delivery of email.
If you mailer sends autoreplies, you may already have your report.
Regards
Joe Baptista, Director
Public Research
----- End forwarded message -----
More information about the NANOG
mailing list