Both Iraqi state provider Uruklink.net name servers offline
Brian McWilliams
bmcw at attbi.com
Thu Mar 27 13:23:03 UTC 2003
Someone has apparently hacked the Uruklink.net DNS server, and is trying to
redirect visitors to a third-party 9-11 memorial site. The Uruklink.net
site is still generally available via its IP address: http://62.145.94.111
Details here:
http://www.pc-radio.com/uruklink-0wned.html
Brian
At 02:57 AM 3/27/2003, Sean Donelan wrote:
>Despite very old recommendations, the Iraqi state provider Uruklink.net
>kept all of its name servers on the same subnet. Although this is
>recognized as a poor design, many domain name server operators worldwide
>do the same thing.
>
>nic1.baghdadlink.net. 2D IN A 62.145.94.1
>nic2.baghdadlink.net. 2D IN A 62.145.94.2
>
>The nic2 (62.145.94.2) has been offline for over a week. Yesterday the
>remaining name server nic1 (62.145.94.1) was running an old version of
>bind (8.1.2). It was returning obviously bogus answers to queries.
>
>In the last 24 hours, the name server application on nic1 (62.145.94.1)
>went offline. The server is online (responds to pings), but neither
>tcp or udp port 53 responds. The name server application may have
>crashed, been trashed, or shutdown by the system administrator.
More information about the NANOG
mailing list