This is a coordinated hacking. (Was Re: Need help in flushing DNS)
Gabor Tokaji
gabor at logmein.com
Thu Jun 20 21:23:13 UTC 2013
Hello everyone, I'm new here.
+1 to this theory. I've been watching what's happening since 3am Eastern, because a domain of mine (of the many at NetSol) was a victim of this event.
-Gabor
-----Original Message-----
From: Carsten Bormann [mailto:cabo at tzi.org]
Sent: Thursday, June 20, 2013 5:11 PM
To: NANOG list
Subject: Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)
Wild speculation:
netsol says this is a human error incurred during DDOS mitigation.
ztomy.com is a wild-card DNS provider that seems to use prolexic.
Now imagine someone at netsol or its DDOS service providers fat-fingered their DDOS-averting routing in such a way that netsol DNS traffic arrived at ztomy.com instead of a netsol server.
The ztomy.com server would know how to answer the queries...
I have no data to base this speculation on.
Grüße, Carsten
More information about the NANOG
mailing list