Regarding panix.com

• Previous message (by thread): Regarding panix.com
• Next message (by thread): Regarding panix.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Something to give thought to everyone on this list using DNSbls....

Bruce Tonkin wrote:

>I have had a few emails regarding a perception that we have limited
>support to deal with issues such as panix.com, so I will just set the
>record straight.
>
>We provide a standard first level retail customer service line 24 hours
>by 5.5 days.  (which gives business hours service in all world time
>zones).
>
>We provide 24 hour by 7 day customer service for resellers (typically
>ISPs, web hosting companies etc).
>
What sort of support would you give a not-for-profit Org such as 
SORBS.net or an Org such as Spamhaus.org if our domains were hijacked 
maliciously (or not)....?

This would be particularly important to consider in the event of somone 
hijacking and creating a record such as:

*.dnsbl.sorbs.net 604800 IN A 127.0.0.2

or

*.sbl.spamhaus.org 604800 IN A 127.0.0.2

etc....

>We provide 24 hour by 7 day second level technical operations support.
>
>Most major registrars and ICANN have direct contacts into the technical
>parts of Melbourne IT.    I received notification from several parties
>via email (but I don't read email 24 hours a day).
>
>We are looking at our processes to ensure that incidents such as
>occurred with panix.com can be addressed more quickly within Melbourne
>IT, and also checking to ensure that an appropriate number of external
>people have access to the right contacts at Melbourne IT to fast track
>serious issues.
>  
>
This is certainly a start, and hopefully the nessesary people will make 
things happen to ensure it never happens again.

For the record, SORBS.net is registered with GANDI, I have no intention 
of updating the NS servers away from ones listed in the SORBS.net domain 
or transfering the domains to another registrar, however I am yet to 
find any method to 'LOCK' or 'UNLOCK' the domain... 

I note that Spamhaus.org is set 'CLIENT TRANSFER PROHIBITED' and 'CLIENT 
UPDATE PROHIBITED' so in theory this shouldn't be a problem, but the 
various earlier comments indicating that panix.com was thought to be 
'LOCKED' before the issues of the last few days provide more food for 
thought.

Regards,

Matthew

• Previous message (by thread): Regarding panix.com
• Next message (by thread): Regarding panix.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]