found out what the problem with AOL was....

[Guest guest]

Hack puts AOL off limits

By Janet Kornblum

Staff Writer, CNET News.com

October 16, 1998, 2:40 p.m. PT

update Internet users trying to send email to America Online users or

get to the online giant's site have been plagued by problems due to a

major glitch with the Internet's domain naming system.

As reported earlier, instead of being routed directly to AOL, some users

from the Net trying to send email to the company's 13 million members or

trying to get to the company's portal were instead redirected to the

servers of a company called Autonet.net, AOL spokeswoman Ann Brackbill

has confirmed.

The problem was caused when someone forged an email message to the

InterNIC, run by Network Solutions, requesting that Network Solutions

change AOL's designated name server. AOL had designated the lowest

security clearance for changing its InterNIC records, which made it

easier for a hacker to wreak havoc.

The records were altered for several hours and have now been fixed.

Because different ISPs update their name server records at different

times, it is not clear how widespread the problem was. But systems

administrators began noticing bounced email messages and problems

resolving requests to get to the AOL site mid-morning.

When Net surfers try to reach an address on the Net, they type it in

their Web browsers or in an email message. In order to reach their

destinations, the names are routed through the Net and sent to the

domain name server. If the server is wrong, the surfer will not reach

the proper destination and neither will his or her email.

Most Internet access providers cache their domain name server records,

so not everyone on the Internet would have instantly known there was a

problem. There also may be continuing problems throughout the day due to

caching and latency.

A spokesperson for Autonet.net could not be reached for comment.

NSI changes between 10 and 15,000 records every day, said

Clough, a spokesman for NSI. Some are done automatically; others are

done by people. Records requests are handled according to the security

options designated by the registrar, Clough said.

AOL had chosen the least secure option--which is also the default--in

which the registrant states that Network Solutions is authorized to

change the registration with a simple email message from the correct

person. The most secure option requires the requesting party to use key

encryption.

It is fairly rudimentary to forge an email address.

As a result, Network Solutions changed the records between 11 p.m. and 1

a.m. PT, Clough said. The InterNIC record was changed at 1:27 a.m. PT.

The records were changed back to AOL's servers this afternoon, both

Clough and Brackbill said.

Brackbill said that AOL and Network Solutions have been working all

morning to first correct the problem and then prevent it from

reoccurring.

It may take a while for systems throughout the Net to catch up with the

corrected domain name server.

" We've worked with them immediately to make sure this never happens

again, " Brackbill said.