As a funny side note, Ass Tone (aka Acetone, the guy who's been doing weekend web,) was banned for trolling a few days ago and hasn't re-registered yet (for those who don't know, a SA ban is just until you cough up another $10, a permaban keeps you out for good.)
edit: the current announcement:
Quote:
We've had some issues with DNS today (01/02/08) which may be making the site inaccessible for some users. If you have arrived here via IP address, or someone you know is having problems reaching the site, helpful goon xarph posted these instructions on how to add manual entries to your host file to reach SA properly. This will work, but if you do this, make sure you remember to remove the manual entries at a later date to avoid problems down the line. Stick a post-it note somewhere so you don't forget.
Alternatively, you could update your system's DNS resolver to use caching nameservers that are more current. I'll leave that as an excercise for the reader, since I don't have any good public resolvers to recommend. And I'm lazy.
If you have experienced anything out of the ordinary, it would be wise to change your forums password as a precaution. Report any instances of account tampering to support and we'll fix you up.
Well, what happened!?
At 12:50PM CST, someone logged in our account at our domain registrar and updated "somethingawful.com" nameservers to point to Network Solutions' placeholder nameservers. Everyone started getting the NSI placeholder page, as if the domain was not setup yet.
A goon at our ISP noticed this shortly after and called me. We corrected the nameservers and changed our account username and password with our registrar. The change went through at 1:12pm CST and all was well.
Until 2:51pm CST, that is, when the domain was altered again by unknown forces. The whois information was returning the same placeholder domains as before. Lowtax called NSI and got ahold of someone slightly helpful, and he locked the domains for us so they could not be tampered with further.
At this point, it does not appear the compromise occurred via anyone at SA or via the domain email account. I'm reluctant to believe Network Solutions may have some vulnerability that allowed this, but we are not ruling that out. Whatever the case, this should never have happened. For now, I'll just blame myself!
The domain has been locked for hours now, but people are still running into strange goings on. We have no knowledge of who did this or why, and we don't really care. It's the internet - shit happens. To us, usually. We will be reviewing our registrar situation to ensure our identity is secure in the future.
Never a dull moment! 2008 will be fun.
|