what's happening

[Alan Sondheim]

   Panix Shell Services
Panix - Public Access Networks Corporation
Panix victim of domain name hijacking
Status as of Sun Jan 16 17:50:40 EST 2005

Recovery from the panix.com domain name hijack is underway. The registrar in 
Melbourne has reverted the domain back to us, and the global Internet registry 
and domain name servers are now showing the correct information.

However, due to the distributed nature of the Internet domain name system, it 
will take 4-24 more hours before the false data from the hijacking expires and 
is discarded by the various name servers. Our customers and servers can be 
reached by using the panix.net domain, as described below.

(old information left below for reference).


Panix's main domain name, panix.com, has been hijacked by parties unknown. The 
ownership of panix.com was moved to a company in Australia, the actual DNS 
records were moved to a company in the United Kingdom, and panix.com's mail has 
been redirected to yet another company in Canada. Panix staff are currently 
working around the clock to recover our domain, but this may take until Monday, 
due to the time differences and difficulties in reaching responsible parties 
over the weekend.

For most customers, accesses to Panix using the panix.com domain will not work 
or will end up at a false site. Since the Internet domain name system is 
distributed, some network providers still have the correct information in their 
name servers, but this could change at any moment.

As a temporary workaround, you can use the panix.net domain in place of 
panix.com. In other words, if you're trying to log onto "shell.panix.com" or 
see your mail at "mail.panix.com," use "shell.panix.net" or "mail.panix.net" 
instead. However, you should only change the names of hosts that you connect to 
or your return address: the name you use to login to our mail servers, 
username at panix.com, should stay the same.

Mail to username at panix.com is currently being redirected to the false site , 
and should be considered lost or compromised if it does not arrive in your 
Panix mailbox. If you have online accounts that authenticate via email address, 
you might wish to protect them against fraud by changing that address to your 
username "@panix.net".
When contacting hosts that use SSL security (URLs that begin with "https" 
rather than "http", or SSL-wrapped services such as secure SMTP, secure IMAP, 
or secure POP), you will see a hostname error. The server will present a 
certificate that says it is "something.panix.com", and your browser or mail 
program, which expects to see "something.panix.net", will complain about the 
mismatch. This is an expected consequence of using the "panix.net" workaround. 
If you have urgent concerns that are not addressed by this message, you can 
contact us by calling +1 (212) 741-4400, and pressing 0. (You may need to leave 
a message for us, but we're checking frequently.) For less-than urgent 
concerns, please write to us at staff at panix.net.



Panix, the oldest commercial Internet provider in New York, is dedicated to 
providing stable and reliable Internet access, email, netnews and UNIX 
computing services to the public. We started in 1989, before the advent of the 
Internet, and we're still going strong.

Panix is a full-service ISP, offering World Wide Web hosting, Internet 
connectivity of all kinds in the New York metro area (New York City, Long 
Island, Westchester, Rockland County, and New Jersey), and National Dialup-- 
with dialup access in over 1100 locations in 49 states.

We also specialize in UNIX shell access, from anywhere on the Internet, 
anywhere in the world.

Many of our users are still receiving variations of the Beagle virus we warned 
about early in March. This is email that forges "From:" addresses so that they 
appear to be from Panix, and include signatures like "The Panix.com Team" and 
mentioning this web site.

These are forged and they're affecting ISPs around the globe, not just Panix.

We have made some additional information about these viruses available.