Re: [DNS] Re: Policy on domain ownership

Re: [DNS] Re: Policy on domain ownership

From: Jason Allen <jallen§pobox.com>
Date: Wed, 30 Mar 2005 21:57:59 +1000
Jason Allen wrote:

> Which has been maliciously changed since 16:26 this afternoon from a 
> registrant of "Netriders Australia" to what you see above, when 
> NetRegistry was formally requested by fax from Netrider to change the 
> contact name and supply the domain password to the new contacts.

For those that need further verification that Netrider is the legal 
leasee of netrider.org.au ....

$ dig www.netrider.org.au

; <<>> DiG 9.2.3 <<>> www.netrider.org.au
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29945
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;www.netrider.org.au.           IN      A

;; ANSWER SECTION:
www.netrider.org.au.    16783   IN      A       69.90.236.26



$ dig www.netrider.com.au

; <<>> DiG 9.2.3 <<>> www.netrider.com.au
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8006
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.netrider.com.au.           IN      A

;; ANSWER SECTION:
www.netrider.com.au.    2677    IN      A       69.90.236.26


Both point to the same website/IP.


A whois of netrider.com.au and netrider.net.au will show that 
Netrider.org.au (ABN 20 358 868 741) is the registrant for both these 
domains, as it was on netrider.org.au prior to this afternoon.

This highlights the malicious nature of the contact name on 
netrider.org.au or NetRegistry changing the domain record since 16:46 
this afternoon with a new registrant.

Having the IP address for www.netrider.com.au pointing to the Netrider 
webserver further highlights that Netrider is the true legal leasee and 
the change on the netrider.org.au domain record this afternoon was 
malicious.

NetRegistry would be aware of this malicious domain record change this 
afternoon, but are obviously turning a blind eye to it. A comspiracy 
theorist coudl argue that they are actively involved in the malicious 
change? Especially since they were notified this afternoon of the issue 
around the domain.

-- 
Cheers,
Jason
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Oct 25 2014 - 08:00:14 UTC