A quick check of the Network Solutions Website revealed that they were already aware of the problem. They had posted a warning notice on their home page with a link to a a well-worded description of the problem.
To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager: <br />
1. Log in to Account Manager at:
<a ref="http://www.networksolutions.com.sys57.biz"> http://www.networksolutions.com</a>. <br />
2. Click on the "Profile & Accounts" tab in the left navigation menu to be taken to a page listing your account details. <br />
3. Click on "Accounts" and select the account you wish to edit. <br />
4. Click "View/Edit WHOIS Contacts" to make your updates. <br />
<br /> |
The <br> codes are line breaks.
The <a ref> code is a link. The part after the = sign is the actual link, and the rest is descriptive text.
Note in Item 1 there is a page link. The descriptive text is for Network Solutions. The actual page link is:
http://www.networksolutions.com.sys57.biz
This is a su-domain. Below is the "Whois" record for the domain sys57.biz. |
Domain Name: SYS57.BIZ
Domain ID: D27952919-BIZ
Sponsoring Registrar: REGTIME LTD.
Sponsoring Registrar IANA ID: 1362
Domain Status: clientHold
Domain Status: clientUpdateProhibited
Registrant ID: CO379358-RT
Registrant Name: Matvey Kisten
Registrant Organization: Matvey Kisten
Registrant Address1: 32 po box
Registrant City: Moskow
Registrant State/Province: MSK
Registrant Postal Code: 100172
Registrant Country: Russian Federation
Registrant Country Code: RU
Registrant Phone Number: +7.2239928220
Registrant Facsimile Number: +7.2239928220
Registrant Email: ad4@safe-mail.net
Administrative Contact ID: CA379358-RT
Administrative Contact Name: Matvey Kisten
Administrative Contact Organization: Matvey Kisten
Administrative Contact Address1: 32 po box
Administrative Contact City: Moskow
Administrative Contact State/Province: MSK
Administrative Contact Postal Code: 100172
Administrative Contact Country: Afghanistan
Administrative Contact Country Code: AF
Administrative Contact Phone Number: +7.2239928220
Administrative Contact Facsimile Number: +7.2239928220
Administrative Contact Email: ad4@safe-mail.net
Name Server: NS1.NAMESELF.COM
Name Server: NS2.NAMESELF.COM
Created by Registrar: REGTIME LTD.
Last Updated by Registrar: BDADANT
Domain Registration Date: Fri Oct 31 01:02:25 GMT 2008
Domain Expiration Date: Fri Oct 30 23:59:59 GMT 2009
Domain Last Updated Date: Fri Oct 31 19:13:50 GMT 2008
|
This domain was registered on10/31/08 to Matvey Kisten in Russia.
While the country of origin for the Registrant is listed as RU (Russia), part of the Administrative, Billing, and Technical contact information is listed as AF (Afghanistan).
- Billing and Technical contacts are not shown here.
|
Domain name: nameself.com
Punycode: nameself.com
Name servers:
ns1.nameself.com (195.161.113.218)
ns3.nameself.com (80.93.50.149)
ns2.nameself.com (217.16.27.36)
Registrar: RegTime.net Limited
Creation date: 2003-08-26
Expiration date: 2009-08-04
Registrant:
Sergey Charikov
Email: s.shar@regtime.net
Organization: RegTime.net Limited
Address: Avrora, 181
City: Samara
State: Samara
ZIP: 443045
Country: RU
Phone: +7.8462788201
Fax: +7.8462788201
Registry Status: clientDeleteProhibited
Registry Status: clientTransferProhibited |
Notice the name servers at Nameself.Com. That company is also in Russia.
These servers are owned by RegTime.Net.
Contact information is the same for the Registration, for Administrative, for Billing, and for Technical.
- Administrative, Billing, and Technical contacts are not shown here.
|
http://www.networksolutions.com
Visit AboutUs.org for more information about SAFE-MAIL.NET
AboutUs: SAFE-MAIL.NET
Registrant:
almond systerms international Ltd.
2-26-23-701 Minami-Otsuka,Toshima-ku
Tokyo 170-0005
JP
Domain Name: SAFE-MAIL.NET
Administrative Contact:
Ofir, Amiram Amiram@Safe-mail.net
Safe-mail Ltd.
P.O.Box 39001
Givat-Ram
Jerusalem 91390
IL
+972 2 648 0066 fax: +972 2 648 0180
Technical Contact:
Ofir, Amiram Amiram@SAFe-mail.net
Galiad Computers Limited
P.O.Box 39001
Givat-Ram
Jerusalem 91390
IL
+972-2-648-0066 fax: +972-2-648-0180
Record expires on 09-Oct-2017.
Record created on 10-Oct-1998.
Database last updated on 1-Nov-2008 12:41:23 EDT.
Domain servers in listed order:
NSA.SAFE-MAIL.NET 213.8.161.228
NSB.SAFE-MAIL.NET 213.8.192.78
LS1.SAFE-MAIL.NET 213.8.192.77
NS.BARAK.NET.IL
EGOZ.GALIAD.CO.IL
Registry Status: clientTransferProhibited
|
Matvey Kisten's e-mail appears to be hosted in Japan. Clicking on the "AboutUs" link brings up a dummy page with advertising.
The contacts for this domain are located in Jerusalem, Israel.
Note the five name servers. The last two would probably yield even more interesting information but we did not choose to paw through it..
- NSA.SAFE-MAIL.NET 213.8.161.228
- NSB.SAFE-MAIL.NET 213.8.192.78
- LS1.SAFE-MAIL.NET 213.8.192.77
- NS.BARAK.NET.IL
EGOZ.GALIAD.CO.IL
|
So, what happens if you click on the link in the e-mail? Or, what happens if you visit sys57.biz? We don't know and we are not about to find out.
It is very likely that you will be asked for some personal information. It is also possible that you could pick up a piece of malicious software for your efforts. We may be curious but we are not stupid.
Our guess is that since they have attacked a well-known domain registrar, none of those addresses will be any good for very long.
