ICANNWatch
 
    Security Panix hijack: more details
    posted by tbyfield on Monday January 17 2005, @12:29PM

    Panix, New York City's oldest ISP and my own beloved provider, fell victim to a domain-name hijacking over the (long in the US) weekend. It isn't clear how precisely this happened, and the situation has since been resolved, allowing for DNS propagation issues. But Panix, which normally is the model of transparency, has clammed up, in part perhaps because (to quote a Panix MOTD) the incidents "involved multiple felonies here and abroad [and m]any members of law enforcement agencies in the US and at least three other countries have already been involved."



    According to comments by Slashdot user "tjls", who almost certainly is a familiar voice to old net-heads (from his contributions to BSD development no less than his role as Panix's former security maven):
    What seems to have happened is that somehow the Australian registrar "melbourneIT.com" yanked the fully paid-up registration away from Dotster (where Panix had it) without any notice whatsoever (this violates all the relevant RFCs for the Shared Registration System and the current ICANN policy *and* seems to indicate a severe bug or security problem somewhere in the registration system).

    "tjls" goes into greater detail about the transfer process here. Discussion of the event—on Slashdot, on NANOG, and elsewhere—is vexed: the received wisdom is that hijackings of this kind happen more than occasionally, that the way to prevent them is to "registrar-lock" domains, and (or, more accurately, but) that Panix had in fact registrar-locked its domains (see, for example, Sue Crawford's article on CircleID). Upshot: the shared registration system has holes.

    It's tempting for me to "insert de rigueur critique of ICANN here," just as it would no doubt be tempting to readers to sigh "there are those ICANN-watchers going off on ICANN again."

    Here's the bottom line: Panix is a very, very savvy ISP which, as they themselves say on their front page, "takes an active role in protecting free speech and privacy on the Internet, and in improving Internet security." It's also famous for firsts, among them being the first high-profile victim of a "SYN flood" attack in September 1996, which foreshadowed the rise of DDoS attacks since then. Any organization that makes the kinds of claims that ICANN does about its realm of responsibility would do well to take this hijacking as a warning, because the implications—if it involved, say, Paypal or Bank of America—could be quite severe. Maybe that's why law enforcement agencies in at least four countries are so interested in the kind of incident they could so easily write off: something bad happening to a small, local, private ISP with a paltry few tens of thousands of users.

     