[nsp-sec] global crossing bing redirect dns hijack?

Ramsey, Andrew Andrew.Ramsey at globalcrossing.com
Thu Jul 21 15:40:32 EDT 2011 

This is correct.

Andrew Ramsey, CISSP
Manager, Information Security Operations
Global Crossing


-----Original Message-----
From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Chris Morrow
Sent: Wednesday, July 20, 2011 8:20 AM
To: Chris Morrow; Smith, Donald; nsp-security at puck.nether.net
Subject: Re: [nsp-sec] global crossing bing redirect dns hijack?

----------- nsp-security Confidential --------

The result pointed to Jomax == paxfire

Looks like gblx. Is using their crapware.

Chris Morrow <morrowc at ops-netman.net> wrote:

>----------- nsp-security Confidential --------
>
>Paxfire'd? ?
>
>"Smith, Donald" <Donald.Smith at qwest.com> wrote:
>
>>----------- nsp-security Confidential --------
>>
>>Can someone from gblx look into this.
>>
>>http://isc.sans.edu/diary/BING+DNS+Hijack+/11236
>>
>>Your the only ISP that seems to be affected not sure if someone poisoned your resolvers or what.
>>We have had several readers write in and say they are getting the wrong IP for search.live.com from your resolvers.
>>
>>
>>(coffee != sleep) & (!coffee == sleep)
>> Donald.Smith at qwest.com
>>
>>This communication is the property of Qwest and may contain confidential or
>>privileged information. Unauthorized use of this communication is strictly
>>prohibited and may be unlawful.  If you have received this communication
>>in error, please immediately notify the sender by reply e-mail and destroy
>>all copies of the communication and any attachments.
>>
>>
>>
>>_______________________________________________
>>nsp-security mailing list
>>nsp-security at puck.nether.net
>>https://puck.nether.net/mailman/listinfo/nsp-security
>>
>>Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>>community. Confidentiality is essential for effective Internet security counter-measures.
>>_______________________________________________
>
>
>
>_______________________________________________
>nsp-security mailing list
>nsp-security at puck.nether.net
>https://puck.nether.net/mailman/listinfo/nsp-security
>
>Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>community. Confidentiality is essential for effective Internet security counter-measures.
>_______________________________________________



_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security

Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________

More information about the nsp-security mailing list