aljazeera.net domain owned.
Mike Tancsa
mike at sentex.net
Thu Mar 27 22:04:28 UTC 2003
Looks like 213.30.180.218 allows unrestricted zone transfers.
> ls -d ALJAZEERA.NET.
[[213.30.180.218]]
$ORIGIN aljazeera.net.
@ 15M IN SOA ns3 dnsadmin.nav-link.net. (
2003032706 ; serial
3H ; refresh
1H ; retry
1W ; expiry
15M ) ; minimum
15M IN NS ns1sa.navlink.com.
15M IN NS ns3
15M IN MX 10 mail
15M IN A 213.30.180.219
ns3 15M IN A 213.30.180.218
admin 15M IN A 213.30.180.219
synadmin 15M IN A 213.30.180.220
english 15M IN A 213.30.180.219
jazad01 15M IN A 213.30.180.220
wrc 15M IN A 213.30.180.222
jazad02 15M IN A 213.30.180.220
cm 15M IN A 213.130.180.216
syndication 15M IN A 213.30.180.220
jazad 15M IN A 213.30.180.220
mail 15M IN A 64.110.61.12
www 15M IN CNAME @
bm 15M IN A 213.30.180.221
www1 15M IN A 213.30.180.219
www2 15M IN A 213.30.180.219
ftp 15M IN CNAME @
stats 15M IN A 213.30.180.222
users 15M IN A 213.30.180.219
@ 15M IN SOA ns3 dnsadmin.nav-link.net. (
2003032706 ; serial
3H ; refresh
1H ; retry
1W ; expiry
15M ) ; minimum
>
Handy to do a quick update on any servers doing recursion.
---Mike
At 03:48 PM 27/03/2003 -0600, John Palmer wrote:
>Hmm - don't think so - although nothing is up there - www.aljazeera.net
>resolves to 127.0.0.1.
>This is from the MYDOMAIN.COM nameservers listed as the auth for this domain:
>
>; <<>> DiG 8.2 <<>> ns aljazeera.net @b.gtld-servers.net
>; (1 server found)
>;; res options: init recurs defnam dnsrch
>;; got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
>;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
>;; QUERY SECTION:
>;; aljazeera.net, type = NS, class = IN
>
>;; ANSWER SECTION:
>aljazeera.net. 2D IN NS NS4.MYDOMAIN.COM.
>aljazeera.net. 2D IN NS NS1.MYDOMAIN.COM.
>aljazeera.net. 2D IN NS NS2.MYDOMAIN.COM.
>aljazeera.net. 2D IN NS NS3.MYDOMAIN.COM.
>
>;; ADDITIONAL SECTION:
>NS4.MYDOMAIN.COM. 2D IN A 63.251.83.74
>NS1.MYDOMAIN.COM. 2D IN A 64.94.117.195
>NS2.MYDOMAIN.COM. 2D IN A 216.52.121.228
>NS3.MYDOMAIN.COM. 2D IN A 66.150.161.130
>
>;; Total query time: 80 msec
>;; FROM: LAIR.LION to SERVER: b.gtld-servers.net 192.33.14.30
>;; WHEN: Thu Mar 27 16:38:14 2003
>;; MSG SIZE sent: 31 rcvd: 179
>
>LAIR$ dig www.aljazeera.net @ns1.mydomain.com
>
>; <<>> DiG 8.2 <<>> www.aljazeera.net @ns1.mydomain.com
>; (1 server found)
>;; res options: init recurs defnam dnsrch
>;; got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
>;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
>;; QUERY SECTION:
>;; www.aljazeera.net, type = A, class = IN
>
>;; ANSWER SECTION:
>www.aljazeera.net. 2M IN A 127.0.0.1
>
>;; AUTHORITY SECTION:
>aljazeera.net. 2M IN NS ns1.mydomain.com.
>aljazeera.net. 2M IN NS ns2.mydomain.com.
>aljazeera.net. 2M IN NS ns3.mydomain.com.
>aljazeera.net. 2M IN NS ns4.mydomain.com.
>
>;; ADDITIONAL SECTION:
>ns1.mydomain.com. 30M IN A 64.94.117.195
>ns2.mydomain.com. 30M IN A 216.52.121.228
>ns3.mydomain.com. 30M IN A 66.150.161.130
>ns4.mydomain.com. 30M IN A 63.251.83.74
>
>;; Total query time: 117 msec
>;; FROM: LAIR.LION to SERVER: ns1.mydomain.com 64.94.117.195
>;; WHEN: Thu Mar 27 16:38:28 2003
>;; MSG SIZE sent: 35 rcvd: 199
>
>----- Original Message -----
>From: "Eric Brunner-Williams in Portland Maine" <brunner at nic-naa.net>
>To: "Sean Donelan" <sean at donelan.com>
>Cc: "Abdullah Ibn Hamad Al-Marri" <arabian at ArabChat.Org>;
><nanog at merit.edu>; <brunner at nic-naa.net>
>Sent: Thursday, March 27, 2003 15:30
>Subject: Re: aljazeera.net domain owned.
>
>
> >
> > Earlier today I logged a disparity between the NSI web whois interface
> > and the whois commandline interface outputs (http://nic-iq.nic-naa.net,
> > bottom of page).
> >
> > I sent mail to two contacts inside Verisign, and at 4:30pm EST, the
> > hijack appears to be over, at least as far as NS records are concerned.
> >
> >
More information about the NANOG
mailing list