Secunia Was Owned or DNS/domain hijacked?


Today Morning Secunia website was out of service and the reason of this service disruption is a DNS-attack. Many users thought that the website was compromised by hackers but that was not the case, the attack was made on the DNS server by redirecting users attempting to enter Secunia website to Hackers Website IP address.

On the hackers website you can find the following :

Sans have recived some reports from people about this incident they found that the site web located at the following IP address:

$ host www.secunia.com
www.secunia.com is an alias for secunia.com.
secunia.com has address 81.95.49.32
secunia.com mail is handled by 0 secunia.com.

while previously www.secunia.com was at 213.150.41.226.

And by running telnet on the original Secunia’s web site the server is still running:

$ telnet 213.150.41.226 80
Trying 213.150.41.226…
Connected to secunia.com (213.150.41.226).
Escape character is ‘^]’.
GET / HTTP/1.0
Host: secunia.com

HTTP/1.1 200 OK
Date: Thu, 25 Nov 2010 08:46:29 GMT
Server: Apache

This is not the first DNS attack we read about in the news there were a big number of incidents that are related to the DNS record and it is now very important to start using and implementing the DNSSec to protect the DNS servers.

make sure you subscribe to my RSS feed!

Share
Subscribe
Notify of
guest
11 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

[…] This post was mentioned on Twitter by Jovi Umawing, SecureTechnology, Seeb, Mourad Ben Lakhoua, Mourad ben lakhoua and others. Mourad ben lakhoua said: Secunia Was Owned or DNS/domain hijacked? http://www.sectechno.com/2010/11/25/secunia-was-owned-or-dnsdomain-hijacked/ […]

trackback

Secunia Was Owned or DNS/domain hijacked?: [sectechno.com] Today Morning Secunia website was out of service and the… http://dlvr.it/9BlFp

trackback

Secunia Was Owned or DNS/domain hijacked?: [sectechno.com] Today Morning Secunia website was out of service and… http://dlvr.it/99gFx ˃

trackback

RT @sectechno: Secunia Was Owned or DNS/domain hijacked? http://bit.ly/g4RYtr #security #infosec

trackback

RT @sectechno: Secunia Was Owned or DNS/domain hijacked? http://bit.ly/g4RYtr #security #infosec

trackback

RT @sectechno: Secunia Was Owned or DNS/domain hijacked? http://bit.ly/g4RYtr #security #infosec

trackback
trackback

RT @darkoperator: Secunia Was Owned or DNS/domain hijacked? http://bit.ly/hvpfFi

trackback
trackback

Secunia Was Owned or #DNS/domain hijacked?: Today Morning Secunia website was out of service… http://goo.gl/fb/3FDOI

trackback

Secunia Was Owned or DNS/domain hijacked? http://bit.ly/hvpfFi