This is a coordinated hacking. (Was Re: Need help in flushing DNS)

Gabor Tokaji gabor at logmein.com
Thu Jun 20 21:23:13 UTC 2013


Hello everyone, I'm new here.
+1 to this theory. I've been watching what's happening since 3am Eastern, because a domain of mine (of the many at NetSol) was a victim of this event.

-Gabor

-----Original Message-----
From: Carsten Bormann [mailto:cabo at tzi.org] 
Sent: Thursday, June 20, 2013 5:11 PM
To: NANOG list
Subject: Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)

Wild speculation:

netsol says this is a human error incurred during DDOS mitigation.
ztomy.com is a wild-card DNS provider that seems to use prolexic.
Now imagine someone at netsol or its DDOS service providers fat-fingered their DDOS-averting routing in such a way that netsol DNS traffic arrived at ztomy.com instead of a netsol server.
The ztomy.com server would know how to answer the queries...

I have no data to base this speculation on.

Grüße, Carsten






More information about the NANOG mailing list