The Alan Sondheim Mail Archive

Panix Shell Services
Panix - Public Access Networks Corporation
Panix victim of domain name hijacking
Status as of Sun Jan 16 17:50:40 EST 2005

Recovery from the domain name hijack is underway. The registrar 
in Melbourne has reverted the domain back to us, and the global Internet 
registry and domain name servers are now showing the correct information.

However, due to the distributed nature of the Internet domain name system, 
it will take 4-24 more hours before the false data from the hijacking 
expires and is discarded by the various name servers. Our customers and 
servers can be reached by using the domain, as described below.

(old information left below for reference).

Panix's main domain name,, has been hijacked by parties unknown. 
The ownership of was moved to a company in Australia, the actual 
DNS records were moved to a company in the United Kingdom, and's 
mail has been redirected to yet another company in Canada. Panix staff are 
currently working around the clock to recover our domain, but this may 
take until Monday, due to the time differences and difficulties in 
reaching responsible parties over the weekend.

For most customers, accesses to Panix using the domain will not 
work or will end up at a false site. Since the Internet domain name system 
is distributed, some network providers still have the correct information 
in their name servers, but this could change at any moment.

As a temporary workaround, you can use the domain in place of In other words, if you're trying to log onto "" 
or see your mail at "," use "" or 
"" instead. However, you should only change the names of 
hosts that you connect to or your return address: the name you use to 
login to our mail servers,, should stay the same.

Mail to is currently being redirected to the false site 
, and should be considered lost or compromised if it does not arrive in 
your Panix mailbox. If you have online accounts that authenticate via 
email address, you might wish to protect them against fraud by changing 
that address to your username "".
When contacting hosts that use SSL security (URLs that begin with "https" 
rather than "http", or SSL-wrapped services such as secure SMTP, secure 
IMAP, or secure POP), you will see a hostname error. The server will 
present a certificate that says it is "", and your 
browser or mail program, which expects to see "", will 
complain about the mismatch. This is an expected consequence of using the 
"" workaround. If you have urgent concerns that are not addressed 
by this message, you can contact us by calling +1 (212) 741-4400, and 
pressing 0. (You may need to leave a message for us, but we're checking 
frequently.) For less-than urgent concerns, please write to us at

Panix, the oldest commercial Internet provider in New York, is dedicated 
to providing stable and reliable Internet access, email, netnews and UNIX 
computing services to the public. We started in 1989, before the advent of 
the Internet, and we're still going strong.

Panix is a full-service ISP, offering World Wide Web hosting, Internet 
connectivity of all kinds in the New York metro area (New York City, Long 
Island, Westchester, Rockland County, and New Jersey), and National 
Dialup-- with dialup access in over 1100 locations in 49 states.

We also specialize in UNIX shell access, from anywhere on the Internet, 
anywhere in the world.

Many of our users are still receiving variations of the Beagle virus we 
warned about early in March. This is email that forges "From:" addresses 
so that they appear to be from Panix, and include signatures like "The Team" and mentioning this web site.

These are forged and they're affecting ISPs around the globe, not just 

We have made some additional information about these viruses available.

Generated by Mnemosyne 0.12.