ICANN/GNSO GNSO Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [registrars] Re: panix.com hijacked

On Sun, 16 Jan 2005, Ross Wm. Rader wrote:

> I don't see what you are looking at - .net and .com point to the same
> place with no indication of anything awry...of course, I'm late to the
> game and the DNS probably tells a different story...

Have you had your coffee yet Ross? panix.com is pointing to and the website says its a parked page on
freeparking.co.uk and is delegated to nameservers ns1 and

panix.net round robins to,,
and is delegated to ns1 and ns2.access.net

> >
> > Looks like this may be among the first high-profile unauthorized
> > transfer under the new transfer policy.
> Looks like a bunch of guys on the NANOG list engaging in a lot of
> conjecture without the benefit of a lot of facts.

Panix.com looks to have been pretty obviously moved. However what
is confusing is that the panix.net webpage seems to be "back to normal",
that is the explanation that their .com has been hijacked is gone
(it was there last night)

> > Maybe there needs to some sort of emergency reversion where at least the
> > nameservers can be rolled back immediately while the contesting parties
> > sort it out.
> Might be interesting - what criteria would trigger the process?

It could be pretty simple.

	A) Only available to domains who have transfered within the
	last N hours or X days.

	B) invoked by the losing Registrant directly who can supply
	bona-fides matching the previous version of the whois record
	and can launch the process directly with the Registry

	C) Has effect of rolling nameservers back and placing the
	domain under registry-lock status

	D) The TDRP (or something like it ) then kicks in.


Mark Jeftovic <markjr@xxxxxxxxxxx>
Co-founder, easyDNS Technologies Inc.
ph. +1-(416)-535-8672 ext 225
fx. +1-(416)-535-0237

<<< Chronological Index >>>    <<< Thread Index >>>