heads in the sand III: denial of address

I've previously mentioned how al-Jazeera network's new english website was hacked, and how their reporters have been denied access to the NYSE and NASDAQ exchanges. Now, via the investigative powers of Slashdotters, comes suggestions that al-Jazeera's website problems stem from a higher power.

Specifically, it seems that al-Jazeera's DNS and routing have been deliberately tampered with. This is not only a denial-of-service attack by some hackers, it can only occur by design, by authorities in charge of routing data. Consider the evidence:

The primary DNS provider, Datapipe, is running, except for the single server ALJNS1HB.DATAPIPE.COM which handles al-Jazeera's DNS. This server is unreachable.

The secondary DNS provider, NavLink, is also running, but their server handling al-J's secondary DNS, ALJNS1SA.NAV-LINK.NET , is also unreachable. As Slashdot commentor Animats mentions, "NavLink has operations in Lebanon and Dubai, so it's outside of US control. But traffic to that server is apparently being blocked at switches in the US, with QWest and PBI both returning ICMP "destination unreachable" messages, but from different points. " (emphasis mine). However, the problem is not limited to the US, in a discussion on linux.debian.isp newsgroup, several techies confirmed that the website is unreachable worldwide, from Germany to Hong Kong (see thread "NON-US can anyone reach aljazeera.net?")

Note that the DoS attacks are also continuing. As netsys.com reported:

According to our sources and from our own observations, the Al Jazeera news site is still undergoing widespread denial of service attacks. Despite emergency DNS updates moving nameservers, and physical networks, the Al Jazeera dns servers are simply obliterated as soon as an update occurs.

Many experts feel it is pointless for Al Jazeera, and it's hosting providers nav-link and others to continue to try and keep this site online.

According to our contact, it has reached the point where the backbone provider has been forced to blackhole the routes to their nameservers each time the ip and network has been changed almost as quickly as they are moved..

C-Net Asia also has a report on the problem.

No comments: