what's happening
Alan Sondheim
sondheim at panix.com
Mon Jan 17 01:25:59 CET 2005
Panix Shell Services
Panix - Public Access Networks Corporation
Panix victim of domain name hijacking
Status as of Sun Jan 16 17:50:40 EST 2005
Recovery from the panix.com domain name hijack is underway. The registrar in
Melbourne has reverted the domain back to us, and the global Internet registry
and domain name servers are now showing the correct information.
However, due to the distributed nature of the Internet domain name system, it
will take 4-24 more hours before the false data from the hijacking expires and
is discarded by the various name servers. Our customers and servers can be
reached by using the panix.net domain, as described below.
(old information left below for reference).
Panix's main domain name, panix.com, has been hijacked by parties unknown. The
ownership of panix.com was moved to a company in Australia, the actual DNS
records were moved to a company in the United Kingdom, and panix.com's mail has
been redirected to yet another company in Canada. Panix staff are currently
working around the clock to recover our domain, but this may take until Monday,
due to the time differences and difficulties in reaching responsible parties
over the weekend.
For most customers, accesses to Panix using the panix.com domain will not work
or will end up at a false site. Since the Internet domain name system is
distributed, some network providers still have the correct information in their
name servers, but this could change at any moment.
As a temporary workaround, you can use the panix.net domain in place of
panix.com. In other words, if you're trying to log onto "shell.panix.com" or
see your mail at "mail.panix.com," use "shell.panix.net" or "mail.panix.net"
instead. However, you should only change the names of hosts that you connect to
or your return address: the name you use to login to our mail servers,
username at panix.com, should stay the same.
Mail to username at panix.com is currently being redirected to the false site ,
and should be considered lost or compromised if it does not arrive in your
Panix mailbox. If you have online accounts that authenticate via email address,
you might wish to protect them against fraud by changing that address to your
username "@panix.net".
When contacting hosts that use SSL security (URLs that begin with "https"
rather than "http", or SSL-wrapped services such as secure SMTP, secure IMAP,
or secure POP), you will see a hostname error. The server will present a
certificate that says it is "something.panix.com", and your browser or mail
program, which expects to see "something.panix.net", will complain about the
mismatch. This is an expected consequence of using the "panix.net" workaround.
If you have urgent concerns that are not addressed by this message, you can
contact us by calling +1 (212) 741-4400, and pressing 0. (You may need to leave
a message for us, but we're checking frequently.) For less-than urgent
concerns, please write to us at staff at panix.net.
Panix, the oldest commercial Internet provider in New York, is dedicated to
providing stable and reliable Internet access, email, netnews and UNIX
computing services to the public. We started in 1989, before the advent of the
Internet, and we're still going strong.
Panix is a full-service ISP, offering World Wide Web hosting, Internet
connectivity of all kinds in the New York metro area (New York City, Long
Island, Westchester, Rockland County, and New Jersey), and National Dialup--
with dialup access in over 1100 locations in 49 states.
We also specialize in UNIX shell access, from anywhere on the Internet,
anywhere in the world.
Many of our users are still receiving variations of the Beagle virus we warned
about early in March. This is email that forges "From:" addresses so that they
appear to be from Panix, and include signatures like "The Panix.com Team" and
mentioning this web site.
These are forged and they're affecting ISPs around the globe, not just Panix.
We have made some additional information about these viruses available.
More information about the Syndicate
mailing list