Tim P
01-03-2013, 01:27 PM
Just curious to find out what happened today. :confused:
I note that the DNS zone ("kiene.com") got updated quite recently today (Serial #s 113010301 -> 113010314), presumably to clear the IP address of the rogue server (who's IP address block belongs to an organization in the British Virgin Islands).
As a disinterested (but curious) bystander, I am wondering if the (Kiene's) site admin knows how the wrong information got injected into Network Solutions' DNS servers? It sure looks like a hijack/spoof attempt, and since the zone authoritative servers (ns95.worldnic.com, ns96.worldnic.com) were involved handing out the bad info, the problem was NOT a spoof attack on a caching DNS server - it sure looks like either (a) Network Solutions' DNS servers are vulnerable to a repeat of this, or (b) somehow the kiene.com account credentials with Network Solutions were compromised.
If you would rather not say in public, PM me (I have some domains where NetSol is still doing the zone DNS, so there's where my curiosity comes from).
cheers
tim
I note that the DNS zone ("kiene.com") got updated quite recently today (Serial #s 113010301 -> 113010314), presumably to clear the IP address of the rogue server (who's IP address block belongs to an organization in the British Virgin Islands).
As a disinterested (but curious) bystander, I am wondering if the (Kiene's) site admin knows how the wrong information got injected into Network Solutions' DNS servers? It sure looks like a hijack/spoof attempt, and since the zone authoritative servers (ns95.worldnic.com, ns96.worldnic.com) were involved handing out the bad info, the problem was NOT a spoof attack on a caching DNS server - it sure looks like either (a) Network Solutions' DNS servers are vulnerable to a repeat of this, or (b) somehow the kiene.com account credentials with Network Solutions were compromised.
If you would rather not say in public, PM me (I have some domains where NetSol is still doing the zone DNS, so there's where my curiosity comes from).
cheers
tim