Q about 1/3/2003 kiene.com DNS hiccup...



Tim P
01-03-2013, 01:27 PM
Just curious to find out what happened today. :confused:

I note that the DNS zone ("kiene.com") got updated quite recently today (Serial #s 113010301 -> 113010314), presumably to clear the IP address of the rogue server (whose IP address block belongs to an organization in the British Virgin Islands).

As a disinterested (but curious) bystander, I am wondering if the (Kiene's) site admin knows how the wrong information got injected into Network Solutions' DNS servers? It sure looks like a hijack/spoof attempt, and since the zone authoritative servers (ns95.worldnic.com, ns96.worldnic.com) were involved in handing out the bad info, the problem was NOT a spoof attack on a caching DNS server - it sure looks like either (a) Network Solutions' DNS servers are vulnerable to a repeat of this, or (b) somehow the kiene.com account credentials with Network Solutions were compromised.

If you would rather not say in public, PM me (I have some domains where NetSol is still doing the zone DNS, so there's where my curiosity comes from).

cheers

tim

Frank R. Pisciotta
01-03-2013, 02:40 PM
Administrator - I too am curious. Please put me on the PM list. Reason being is that I have several registered domain names that seem to have been hijacked (one actually has a site with my domain name!) or Network Solutions software got compromised.

Frank R. Pisciotta

Adam Grace
01-03-2013, 02:48 PM
We have account information switched between the Kiene's and the new owner today and there was an issue on the server end of the whole setup. Without getting into crazy specifics, it was a little mistake when they switched over the account. Sorry for the interruption!

- Adam

Gregg Machel
01-03-2013, 02:52 PM
Kiene's web site used to be hosted with Network Solutions. We moved to another provider when we changed the look and feel of the website about a month or so ago. We just got around to canceling the old hosting package with Network Solutions and they overwrote our DNS with their own generic settings instead of leaving the DNS alone. We had everything set up in advanced DNS settings and when we canceled our hosting, they blew all of this away and I had to rebuild it this morning. A simple error on Network Solutions' side that took a little bit of time to fix.

There was no hijacking of our DNS, this was just a simple error.

-Gregg

Tim P
01-03-2013, 05:44 PM
Thanks for the info Gregg/Adam - that's a relief!

I've migrated hosted content (e.g. from Yahoo -> Go Daddy) while leaving DNS (domain registration) with Network Solutions, and also performed similar re-hosting operations which were followed up (weeks later) with migration of DNS domain registration from NetSol to Go Daddy, but I never had any hosting with NetSol to further confuse matters. Thank goodness, apparently!

A little bit odd that they would muck with the A record for "kiene.com", though, for a whole variety of reasons. During the mix-up, your zone (serial # 113010301) still had the intact A records for mail.kiene.com, flyshop.kiene.com and a valid MX for kiene.com, so they obviously didn't nuke the whole zone.


cheers - and great looking site, btw!
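An added example, not part of any post in this thread: a Python sketch of the triage Tim describes, comparing answers taken directly from each authoritative server and from a caching resolver against a known-good baseline, to tell a change in the zone itself from a resolver-side problem and to list which record sets moved. All record values are constructed; only the host names and serial numbers come from the thread, and `classify`, `diff_records` and `sample_incident` are hypothetical names.

```python
# Added example. All record values are constructed (RFC 5737 documentation
# addresses); only the host names and the two serials come from the thread.
BASELINE = {
    ("kiene.com", "A"): {"192.0.2.10"},
    ("mail.kiene.com", "A"): {"192.0.2.20"},
    ("flyshop.kiene.com", "A"): {"192.0.2.30"},
    ("kiene.com", "MX"): {"10 mail.kiene.com."},
}

def diff_records(baseline, observed):
    """Map each differing (name, type) to (expected, observed) record sets."""
    return {key: (want, observed.get(key, set()))
            for key, want in baseline.items()
            if observed.get(key, set()) != want}

def classify(baseline, authoritative, resolver):
    """authoritative: {ns: (soa_serial, records)}; resolver: records.

    Each 'records' value is {(name, type): set_of_rdata}, as collected by
    asking that server directly, e.g. dig @ns95.worldnic.com kiene.com A +norecurse
    """
    auth_drift = {}
    for ns, (_serial, records) in authoritative.items():
        drift = diff_records(baseline, records)
        if drift:
            auth_drift[ns] = drift
    cache_drift = diff_records(baseline, resolver)
    if auth_drift:
        verdict = "changed-at-authoritative"   # zone data itself was altered
    elif cache_drift:
        verdict = "resolver-only"              # stale or poisoned cache
    else:
        verdict = "consistent"
    changed = sorted({k for d in auth_drift.values() for k in d} | set(cache_drift))
    serials_agree = len({serial for serial, _ in authoritative.values()}) <= 1
    return {"verdict": verdict, "changed": changed, "serials_agree": serials_agree}

def sample_incident():
    """Constructed snapshot: apex A replaced, other records intact."""
    bad = dict(BASELINE)
    bad[("kiene.com", "A")] = {"198.51.100.99"}
    authoritative = {"ns95.worldnic.com": (113010301, bad),
                     "ns96.worldnic.com": (113010301, bad)}
    return classify(BASELINE, authoritative, resolver=bad)

if __name__ == "__main__":
    print(sample_incident())
```

A "changed-at-authoritative" verdict only says the zone data was altered at the provider; it does not distinguish a provider-side overwrite from a compromised account, which needs the account's change history.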

Larry S
01-03-2013, 05:58 PM
Gregg,
Sent you a PM.
Best,
Larry S