Security alert - http://www.bugmenot.com/ offering username/passwords online
Hi everyone, I just thought I'd share this with everyone as we recently found that some of our domains were on this website... It's the first website of it's kind that I've ever come across and personally I'm concerned that it's going to grow in popularity. There is an automated system to allow systems admins to block their domains from this website... definitely worth doing. Cheers - Paul England
Bugmenot has been around for years, and to some extent has a bit of a cult following - ie, if you know about it you use it, but it's not too widely "advertised". This may change in the future as the guy who actually does it has just released a "commercial" version, being www.retailmenot.com For the most part the sites that most people seem to use it for are ones where they would have just entered an invalid name/email for anyway which is why most of the big players seem to ignore it (google for bugmenot and nytimes together and you'll see what I mean!), but if you've got legal issues/pay customers/etc appearing on it then it's certainly worth blacklisting your sites. Scott On Thu, Nov 08, 2007 at 01:42:20PM +1300, Paul England wrote:
Russell Fulton wrote:
It's linked off the FAQ http://www.bugmenot.com/faq.php#04.1 http://www.bugmenot.com/report.php
yes, I know, replying to myself and top quoting, tutu.. :) I was able to get our whole domain (*.auckland.ac.nz) banned with a single (very polite :) email to bugmenotter(a)gmail.com since the standard method in the FAQ was a server by server solution and required one to create special files in the document root of each server... The whole process took about an hour. I'm truly impressed! Russell. Russell Fulton wrote:
Paul England wrote:
It's the first website of it's kind that I've ever come across and personally I'm concerned that it's going to grow in popularity.
The problem is that it serves a purpose. There are more and more sites now forcing you to sign up for no good reason. It's one thing if paying customer information turns up on bugmenot, but as just a way to stop blatant information trawling...... I don't see why not. Dean
Oh yeah for sure, The only reason I made mention of this is because we discovered people using login credentials to send spam via webmail... Also after a few quick searches I saw that the majority of NZ ISP's are not blocked on this site... Thought it would be worth a mention... Cheers On Thu, 2007-11-08 at 15:28 +1300, Dean Pemberton wrote:
Anyone know what's up with the whois server? Tried from 3 hosts and also dnc.org.nz , all result in a request denied for any domain I query. query_datetime: 2007-11-12T12:50:44+13:00 domain_name: unix.co.nz query_status: 440 Request Denied I cannot see any planned work and "There are no known problems, the WHOIS server is on-line." - http://www.nzrs.net.nz/notices/index.shtml Cheers B
Barry Murphy wrote:
Ok from here - are you running lots of queries from a script? You've probably been blocked. http://dnc.org.nz/content/*whois*.pdf <-- Section 6
Just to make it clear to those that replied, a few people did notice the same thing as me however it was fixed 5 mins after my email. It was down for about 15 mins prior to me emailing, however may have been longer but that's when I noticed it. I am aware of the whois limits and this was not the cause, I ran the whois from 3 different IP addresses on different servers and different locations, I also tested from the dnc.org.nz website, all of which failed. The problem is now resolved so we'll leave it there. Thanks B
There were no outages to the .nz whois service yesterday. When the whois service is under load, requests may be restricted or dropped. If you have any concerns about the service from your location you can provide your IP address to the DNC office and they will investigate your issue. Cheers Dave Baker .nz Registry Services
Well, how about the queries Barry did on the DNC website itself - from your own IP address? If a failure to respond, weather through excessive load or some other reason, is not an outage, then what is? -----Original Message----- From: DNS [mailto:dns(a)nzrs.net.nz] Sent: Tuesday, 13 November 2007 12:47 p.m. To: nznog(a)list.waikato.ac.nz Subject: Re: [nznog] NZSRS Whois server 440 Request Denied There were no outages to the .nz whois service yesterday. When the whois service is under load, requests may be restricted or dropped. If you have any concerns about the service from your location you can provide your IP address to the DNC office and they will investigate your issue. Cheers Dave Baker .nz Registry Services _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Philip, from what I've gathered the whois server was busy at the time and restricted whois to 4 of my servers on different IP's in different locations in different countries, and it just so happens that the DNC had also user up all their resources at the time and 4 other people on the list had used up all their resources. Their page showed all was good and there was no problems because everyone had used all their resources. Excuse all the resources references, but it appears that the whois server was under heavy load from 0.0.0.0/0 I gave up finding an answer because it was fixed 5 mins after my email so was only a 20min outage to _me_and_others_. Matter over and done with unless there is a _real_ answer Thanks B
participants (9)
-
Barry Murphy -
Dean Pemberton -
DNS -
Jack Pivac -
Mike Cooper -
Paul England -
Philip D'Ath -
Russell Fulton -
Scott Howard