Asterisk.org has broken DNS and digium.com cyber squatted


(David55) #1

This isn’t actually a FreePBX question, but hopefully it will reach someone who knows.

community.asterisk.org stopped resolving today, and investigation indicates that the domain’s name servers are nxs[123].digium.com. Further, digium.com is showing a squatting page and its nameservers are in the domaincontrol.com domain. That suggests the digium.com domain has lapsed and asterisk.org’s name servers have been undermined.

Does anyone know if steps are being taken to reconnect asterisk.org to the DNS tree? I’m also surprised that digium.com has been allowed to lapse. It is possible I’m seeing lagged data, but I tried to make directed dig requests to avoid that.

It seems that the Digium trademark is valuable intellectual property, so I can’t understand why it would be allowed to lapse.


(Joshua C. Colp) #2

I’m not seeing any of that. Digium.com seems fine:

   Domain Name: DIGIUM.COM
   Registry Domain ID: 20308869_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.godaddy.com
   Registrar URL: http://www.godaddy.com
   Updated Date: 2019-11-14T11:35:56Z
   Creation Date: 2000-02-21T11:26:29Z
   Registry Expiry Date: 2020-02-21T11:26:29Z
   Registrar: GoDaddy.com, LLC
   Registrar IANA ID: 146
   Registrar Abuse Contact Email: abuse@godaddy.com
   Registrar Abuse Contact Phone: 480-624-2505
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Name Server: NSX1.DIGIUM.COM
   Name Server: NSX2.DIGIUM.COM
   Name Server: NSX3.DIGIUM.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-11-14T13:03:38Z <<<

; <<>> DiG 9.11.3-1ubuntu1.10-Ubuntu <<>> www.digium.com @47.55.55.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10460
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.digium.com.			IN	A

;; ANSWER SECTION:
www.digium.com.		3600	IN	CNAME	www.digium.com.cdn.cloudflare.net.
www.digium.com.cdn.cloudflare.net. 300 IN A	104.20.5.63
www.digium.com.cdn.cloudflare.net. 300 IN A	104.20.4.63

;; Query time: 132 msec
;; SERVER: 47.55.55.55#53(47.55.55.55)
;; WHEN: Thu Nov 14 09:07:16 AST 2019
;; MSG SIZE  rcvd: 111

And community is resolving for me (it’s actually a CNAME to Discourse):

; <<>> DiG 9.11.3-1ubuntu1.10-Ubuntu <<>> community.asterisk.org @47.55.55.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44231
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;community.asterisk.org.		IN	A

;; ANSWER SECTION:
community.asterisk.org.	3600	IN	CNAME	asterisk.bydiscourse.com.
asterisk.bydiscourse.com. 300	IN	A	216.218.159.21

;; AUTHORITY SECTION:
bydiscourse.com.	172800	IN	NS	ns-1509.awsdns-60.org.
bydiscourse.com.	172800	IN	NS	ns-1724.awsdns-23.co.uk.
bydiscourse.com.	172800	IN	NS	ns-393.awsdns-49.com.
bydiscourse.com.	172800	IN	NS	ns-885.awsdns-46.net.

;; Query time: 250 msec
;; SERVER: 47.55.55.55#53(47.55.55.55)
;; WHEN: Thu Nov 14 09:04:24 AST 2019
;; MSG SIZE  rcvd: 228

That’s using my ISP’s DNS.


(Joshua C. Colp) #3

I’ve filed a ticket with IT regardless just in case.


(David55) #4

dig any digium.com

; <<>> DiG 9.10.3-P4-Debian <<>> any digium.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51442
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;digium.com.			IN	ANY

;; ANSWER SECTION:
digium.com.		529	IN	A	50.63.202.50
digium.com.		3285	IN	NS	ns31.domaincontrol.com.
digium.com.		3285	IN	NS	ns32.domaincontrol.com.
digium.com.		3285	IN	SOA	ns31.domaincontrol.com. dns.jomax.net. 2019111402 28800 7200 604800 600

;; Query time: 24 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Thu Nov 14 12:51:45 GMT 2019
;; MSG SIZE  rcvd: 156

(David55) #5

david@dhcppc4:~$ dig soa digium.com

; <<>> DiG 9.10.3-P4-Debian <<>> soa digium.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58089
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;digium.com.			IN	SOA

;; ANSWER SECTION:
digium.com.		1756	IN	SOA	ns31.domaincontrol.com. dns.jomax.net. 2019111402 28800 7200 604800 600

;; AUTHORITY SECTION:
digium.com.		1756	IN	NS	ns31.domaincontrol.com.
digium.com.		1756	IN	NS	ns32.domaincontrol.com.

;; Query time: 34 msec
;; SERVER: fd1e:3742:57f3::1#53(fd1e:3742:57f3::1)
;; WHEN: Thu Nov 14 13:17:14 GMT 2019
;; MSG SIZE  rcvd: 140

(Joshua C. Colp) #6

Aha, I can get incorrect results if I use OpenDNS. If I use Cloudflare or my ISP then it’s fine.


(David55) #7

I suspect the difference is due to caching. A random .com domain server (k.gtld-servers.net.) is returning the correct information, but my ISP’s caching nameserver is returning the bad one. I guess an error was introduced long enough for them to cache the bad version and I’m going to have to wait for the cache to expire, or install a full domain server, rather than point to my router. The ISP is reporting a 3600 second lifetime, but there may be multiple levels of cache involved.


(David55) #8

Now resolving correctly.


(Joshua C. Colp) #9

There was a problem with the registrar earlier and it has been resolved, but due to caching as you’ve stated it may take a bit of time for things to update across the known universe.
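
Added example, not part of the thread: the check described in post #7, comparing the delegation a .com registry server hands out with the NS set a caching resolver returns, and reading the cached TTL as an upper bound on how long the bad answer can persist at that cache level. The resolver sample is the record set from post #5; the registry referral is constructed from the name servers listed in the whois output in post #2, and the function names are this example's own.

```python
import subprocess
import sys

# Constructed sample: referral a .com registry server would give for the
# name servers shown in the whois output (post #2). TTL is illustrative.
PARENT_REFERRAL = """
digium.com.  172800  IN  NS  nsx1.digium.com.
digium.com.  172800  IN  NS  nsx2.digium.com.
digium.com.  172800  IN  NS  nsx3.digium.com.
"""
# Records as returned by the caching resolver in post #5.
RESOLVER_ANSWER = """
;; ANSWER SECTION:
digium.com.  1756  IN  SOA  ns31.domaincontrol.com. dns.jomax.net. 2019111402 28800 7200 604800 600
;; AUTHORITY SECTION:
digium.com.  1756  IN  NS  ns31.domaincontrol.com.
digium.com.  1756  IN  NS  ns32.domaincontrol.com.
"""

def ns_records(dig_text, zone):
    """Return {nameserver: ttl} for NS records owned by zone in dig output."""
    owner = zone.rstrip(".").lower() + "."
    found = {}
    for line in dig_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # blank line, comment or section header
        if fields[0].lower() == owner and fields[3].upper() == "NS":
            found[fields[4].lower()] = int(fields[1])
    return found

def compare(parent_text, resolver_text, zone):
    """Diff the registry delegation against what the resolver has cached."""
    parent = ns_records(parent_text, zone)
    cached = ns_records(resolver_text, zone)
    unexpected = sorted(set(cached) - set(parent))
    return {
        "match": bool(parent) and set(parent) == set(cached),
        "unexpected": unexpected,
        "missing": sorted(set(parent) - set(cached)),
        # Longest remaining TTL among the unexpected records.
        "max_stale_seconds": max((cached[n] for n in unexpected), default=0),
    }

def dig(*args):
    cmd = ["dig", "+noall", "+answer", "+authority", *args]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    zone = sys.argv[1] if len(sys.argv) > 1 else "digium.com"
    # Live run for a .com zone: ask the registry server named in post #7
    # without recursion, then ask the locally configured resolver.
    parent = dig("+norecurse", "NS", zone, "@k.gtld-servers.net")
    print(compare(parent, dig("NS", zone), zone))
```

A mismatch is a prompt to investigate rather than proof of a hijack, since a zone's own NS set can legitimately differ from its parent delegation; as post #7 notes, several cache layers may each hold the record for their own TTL.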