And to think I went to college. Even. Folks, 'Blackberry Gone Wild'. Usually a great device, but tremendously beat and now showing it. That should simply read 'Thanks Farid'. The thing went wild storing keystrokes like it was hung, autocompleting, and sending everywhere. Twice here and to many people on in the addr book privately. Mea Culpa. -- Martin Hannigan (c) 617-388-2663 VeriSign, Inc. (w) 703-948-7018 Network Engineer IV Operations & Infrastructure hannigan@verisign.com

-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Hannigan, Martin Sent: Sunday, January 16, 2005 11:01 PM To: MajidFarid@TelecomOttawa.com; nanog@merit.edu Subject: Re: Panix.com should be back.

Thanks Fared for your assistance. Ypu are great among a bun --- Martin Hannigan hannigan@verisign.com Verisign, Inc.

-----Original Message----- From: owner-nanog@merit.edu <owner-nanog@merit.edu> To: nanog list <nanog@merit.edu> Sent: Sun Jan 16 19:57:54 2005 Subject: Panix.com should be back.

I see that DNS changes has been reverted http://www.dnsreport.com/tools/dnsreport.ch?domain=panix.com

I have also contacted our Customer owner of ns1.ukdnsservers.co.uk [panix.com] (142.46.200.67) they have assured me they will remove the DNS config as well.

Sorry for the last response I was away for weekend.

-- Majid Farid Telecom Ottawa Limited.

-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Gadi Evron Sent: Sunday, January 16, 2005 7:24 PM To: nanog list Subject: domain hijacking - what do you do to prepared?

Until today, I considered this to be a real and relevant threat, although rather low in my matrix.

As someone I know said today, now that kiddies saw how much "fun" this is, I am sure they will attempt this again.

The question that comes to mind is - what do you do to be prepared?

I suppose that other than setting registrar lock in place, there is another thing one can do.

Study!

Whether it's checking the expiration date for your domain, establishing contact with your up-in-line authority - registrar, tld, etc. depending on who you are. Having the relevant contact information at hand, establishing a set policy on how to handle such an incident and who to contact, bugging your next-in-chain about setting a policy on this with you, as well as setting such a policy for those who are slaves to you.

That said, all that is left now is to see how this happened (so that it won't happen again - just killing a fire doesn't mean it won't be re-ignited) and perhaps think a bit on how we do things - which I am sure many will now do.

Maybe this can be another discussion issue for the next NANOG get-together as well?

Gadi.