This is a coordinated hacking. (Was Re: Need help in flushing DNS)

jamie rishaw j at arpa.com
Thu Jun 20 22:51:44 UTC 2013


No.

The ztomy nameservers appeared in this morning's master .COM zonefile as
/authoritative/ for the number of domains I mentioned.

It is a clear change from just a couple of days ago, when the listed
nameservers were nowhere to be seen.

I have solid data to back this up, straight from Verisign GRS (Verisign),
the authoritative registry for .COM, .NET and others.

j



On Thu, Jun 20, 2013 at 4:10 PM, Carsten Bormann <cabo at tzi.org> wrote:

> Wild speculation:
>
> netsol says this is a human error incurred during DDOS mitigation.
> ztomy.com is a wild-card DNS provider that seems to use prolexic.
> Now imagine someone at netsol or its DDOS service providers
> fat-fingered their DDOS-averting routing in such a way that netsol
> DNS traffic arrived at ztomy.com instead of a netsol server.
> The ztomy.com server would know how to answer the queries...
>
> I have no data to base this speculation on.
>
> Grüße, Carsten
>
>
>


-- 
Jamie Rishaw // .com.arpa at j <- reverse it. ish.
[Impressive C-level Title Here], arpa / arpa labs
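
Added example, not part of the original message and not code from anyone in the thread: one way to check the claim above against data is to diff two daily zone file snapshots and list the domains whose delegation gained a nameserver under a given suffix. It assumes simplified `<owner> [ttl] [IN] NS <target>` lines relative to the origin; the snapshots and the `wildcard-ns.example` suffix are constructed placeholders.

```python
from collections import defaultdict

def qualify(name, origin):
    """Lower-case a name and append the origin if it is relative."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_delegations(zone_text, origin="com."):
    """Map each owner to its NS set from '<owner> [ttl] [IN] NS <target>' lines."""
    delegations = defaultdict(set)
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop comments, tokenize
        upper = [f.upper() for f in fields]
        if "NS" not in upper[1:-1]:
            continue                               # not NS, or NS with no target
        target = fields[upper.index("NS", 1) + 1]
        delegations[qualify(fields[0], origin)].add(qualify(target, origin))
    return dict(delegations)

def moved_to(old, new, ns_suffix):
    """Domains whose new NS set gained a host under ns_suffix absent from old."""
    suffix = ns_suffix.lower().rstrip(".") + "."
    report = {}
    for domain, ns_new in new.items():
        ns_old = old.get(domain, set())
        added = {ns for ns in ns_new - ns_old
                 if ns == suffix or ns.endswith("." + suffix)}
        if added:
            report[domain] = {"before": sorted(ns_old), "added": sorted(added)}
    return report

# Constructed snapshots (not real zone data): an earlier day and "this morning".
OLD_SNAPSHOT = """\
SHOP-ALPHA NS NS1.REGISTRAR-DNS.EXAMPLE.
SHOP-ALPHA NS NS2.REGISTRAR-DNS.EXAMPLE.
BLOG-BETA 172800 IN NS NS1.REGISTRAR-DNS.EXAMPLE.
MAIL-GAMMA NS NS1.OTHERHOST   ; relative target, under the origin
"""
NEW_SNAPSHOT = """\
SHOP-ALPHA NS NS1.WILDCARD-NS.EXAMPLE.
SHOP-ALPHA NS NS2.WILDCARD-NS.EXAMPLE.
BLOG-BETA 172800 IN NS NS1.REGISTRAR-DNS.EXAMPLE.
MAIL-GAMMA NS NS1.OTHERHOST
NEW-DELTA NS NS1.WILDCARD-NS.EXAMPLE.
"""

if __name__ == "__main__":
    old, new = parse_delegations(OLD_SNAPSHOT), parse_delegations(NEW_SNAPSHOT)
    for domain, change in sorted(moved_to(old, new, "wildcard-ns.example").items()):
        print(domain, "before:", change["before"], "added:", change["added"])
```

A domain with an empty "before" list is a new registration rather than a changed delegation, so the two cases can be separated when counting.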


