[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] sans.org

To: "james" <hackerwacker@xxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] sans.org
From: "Kurt Seifried" <listuser@xxxxxxxxxxxx>
Date: Tue, 2 Sep 2003 18:12:11 -0600

>gtld's can't seem to point an NS to these domains:
>
>[root@mrtg mrtg]# nslookup
>> server k.gtld-servers.net
>Default server: k.gtld-servers.net
>Address: 192.52.178.30#53
>> set querytype=NS
>> sans.org
>Server:         k.gtld-servers.net
>Address:        192.52.178.30#53
>
>Non-authoritative answer:
>*** Can't find sans.org: No answer


This is ... rather normal. .org is served by *.NSTLD.COM now. .net and .com
are still served by *.gtld-servers.net.

It looks like register.com either hosed their database, or hosed records
while trying to update various records (at the request of the owners or
someone else, who knows).

A variety of domains appear affected, sans.org, dhsield.org, incidents.org,
homepc.org, etc. All .org, all related and sharing infrastructure
aooerently.

Right now I'm inclined towards Occam's razor, this is a technical screw
up/"normal" DNS modification and not something "evil".

Kurt Seifried, kurt@xxxxxxxxxxxx
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] sans.org
  - From: B3r3n
- Re: [Full-Disclosure] sans.org
  - From: james

Prev by Date: [Full-Disclosure] The Worm tard who got busted
Next by Date: Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?
Previous by thread: Re: [Full-Disclosure] sans.org
Next by thread: Re: [Full-Disclosure] sans.org
Index(es):
- Date
- Thread