DNS hijack?

• Previous message (by thread): DNS hijack?
• Next message (by thread): DNS hijack?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yeah, apparently when a domain expires, a lot of DNS queries to domains in
that domain's DNS server... get redirected to a Network Solutions "this is
expired" website at that IP.
Even though those domains are perfectly legit and paid up. Or so it was
explained to me and how it appeared.

Anything I could say about my opinion of that might be actionable, or at
least inflammatory, so I'll stop now. The original problem has been
corrected.

On Thu, Nov 11, 2021 at 1:40 PM Stephane Bortzmeyer <bortzmeyer at nic.fr>
wrote:

> On Thu, Nov 11, 2021 at 01:28:07PM -0800,
>  Jeff Shultz <jeffshultz at sctcweb.com> wrote
>  a message of 105 lines which said:
>
> > I hit my registrar, DirectNic, and found I'm good through 2023. They
> > pulled up DNS checker and found that a bunch of DNS servers were
> > showing 208.91.197.132 as the IP for the domain. It's actually in
> > 64.130.197.x .
> >
> > I'm wondering if I was the only one?
>
> No, you're not. Half of the RIPE Atlas probes see the wrong address:
>
> % blaeu-resolve -r 100 --type A 2dpnr.org
> [64.130.197.11] : 59 occurrences
> [208.91.197.132] : 41 occurrences
> Test #33310635 done at 2021-11-11T21:38:30Z
>


-- 
Jeff Shultz

-- 
Like us on Social Media for News, Promotions, and other information!!

   
<https://www.facebook.com/SCTCWEB/>      
<https://www.instagram.com/sctc_sctc/>      
<https://www.yelp.com/biz/sctc-stayton-3>      
<https://www.youtube.com/c/sctcvideos>













_**** This message 
contains confidential information and is intended only for the individual 
named. If you are not the named addressee you should not disseminate, 
distribute or copy this e-mail. Please notify the sender immediately by 
e-mail if you have received this e-mail by mistake and delete this e-mail 
from your system. E-mail transmission cannot be guaranteed to be secure or 
error-free as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses. The sender therefore does 
not accept liability for any errors or omissions in the contents of this 
message, which arise as a result of e-mail transmission. ****_

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20211111/68efe51d/attachment.html>

• Previous message (by thread): DNS hijack?
• Next message (by thread): DNS hijack?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]