should be back.

Hannigan, Martin hannigan at
Mon Jan 17 04:03:02 UTC 2005

Thanks Fared for your assistance. Ypu are great among a bunch of helpers.



Martin Hannigan
hannigan at
Verisign, Inc.

-----Original Message-----
From: owner-nanog at <owner-nanog at>
To: nanog list <nanog at>
Sent: Sun Jan 16 19:57:54 2005
Subject: should be back.

I see that DNS changes has been reverted

I have also contacted our Customer owner of
[] ( they have assured me they will remove the
DNS config as well. 

Sorry for the last response I was away for weekend. 

Majid Farid
Telecom Ottawa Limited.

-----Original Message-----
From: owner-nanog at [mailto:owner-nanog at] On Behalf Of
Gadi Evron
Sent: Sunday, January 16, 2005 7:24 PM
To: nanog list
Subject: domain hijacking - what do you do to prepared?

Until today, I considered this to be a real and relevant threat, 
although rather low in my matrix.

As someone I know said today, now that kiddies saw how much "fun" this 
is, I am sure they will attempt this again.

The question that comes to mind is - what do you do to be prepared?

I suppose that other than setting registrar lock in place, there is 
another thing one can do.


Whether it's checking the expiration date for your domain, establishing 
contact with your up-in-line authority - registrar, tld, etc. depending 
on who you are.
Having the relevant contact information at hand, establishing a set 
policy on how to handle such an incident and who to contact, bugging 
your next-in-chain about setting a policy on this with you, as well as 
setting such a policy for those who are slaves to you.

That said, all that is left now is to see how this happened (so that it 
won't happen again - just killing a fire doesn't mean it won't be 
re-ignited) and perhaps think a bit on how we do things - which I am 
sure many will now do.

Maybe this can be another discussion issue for the next NANOG 
get-together as well?


More information about the NANOG mailing list