suffered from jihadi cyber attack? Here is the message I get when going to their site:
Any one in contact with Douglas Hagman, let me know.
1
Dont have your email at the offcie Rusty - thanks for the link and you might want to pick up on this I just saw. It wont take the link in comments. Hmm but you can google it - AP breaking:
Family Believes Man Abducted in Iraq Dead
By JAMES MacPHERSON
Associated Press Writer
BISMARCK, N.D. (AP) -- The sister of a civilian contractor abducted in Iraq says the family believes he is dead and is planning a memorial service.
Posted by: Dan at January 11, 2006 12:24 PM (S37vA)
2
I had some contact with one of the writers at NIN a while back when a fuel truck went missing in KY. I'll see if I can find it and ask WTF happened. Wish me luck.
Posted by: Howie at January 11, 2006 12:36 PM (D3+20)
3
That error in indictive of a virtual server that is no longer handling the requests for that domain.
Virtual hosts work based on the Hostname: www.thedomain.com being passed as a string from the browser to the server.
If the hostname doesn't exist in the web server configuration file it will return that error.
Might be a server rebuild [sometimes hacks] or could be he is just moving.
Posted by: dave at January 11, 2006 12:42 PM (CcXvt)
4
Damn the mail addy I have depends on that server I can't get through.
Posted by: Howie at January 11, 2006 12:46 PM (D3+20)
5
Howie:
The mail for that domain is handled by:
mail16.webcontrolcenter.com
it is up and running.
He should be able to get Email unless he was completely removed from the mail server configuration too.
Posted by: dave at January 11, 2006 12:50 PM (CcXvt)
6
Dave,
It's also a typical cyber attack to obfuscate the redirect.
Posted by: Rusty Shackleford at January 11, 2006 12:51 PM (JQjhA)
7
Rusty:
The name servers for that domain are returning the correct IP [in their namespace] it's just the web server is not configured to handle the domain:
telnet www.homeland securityus.com 80
Trying 216.197.122.53...
Connected to www.homeland securityus.com.
Escape character is '^]'.
GET / HTTP/1.1
Host:www.homeland securityus.com
HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 11 Jan 2006 18:56:40 GMT
Connection: close
Content-Length: 39
Bad Request (Invalid Hostname)Connection closed by foreign host.
no redirect.
[ironically the domain is filted in the comments!]
Posted by: dave at January 11, 2006 12:57 PM (CcXvt)
8
Dave,
So are you thinking it was just a server problem?
"Engrish prease!"
Posted by: Rusty Shackleford at January 11, 2006 12:59 PM (JQjhA)
9
paul@(filtered domain name)
gives
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
paul@(same deal)
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550 No such user here
Posted by: Howie at January 11, 2006 01:02 PM (D3+20)
10
Yes. to me that would suggest the web server is being upgraded, or rebuilt.
Your assessment could be correct that the server may have been hacked, obviously a rebuild/upgrade would also have to be applied.
I wouldn't imagine his ISP removed him, because they're still resolving his domain for him.
His email should still be working.
Posted by: dave at January 11, 2006 01:04 PM (CcXvt)
11
Hagman is doing podcasts here
http://www.enigmapodcast.com/?q=blog/10&PHPSESSID=89a5dcb4ddeeb8c3a829f7e6c30d8fe1
Posted by: Howie at January 11, 2006 01:06 PM (D3+20)
12
Howie,
Then his account was removed from their mail server too.
as two independent systems are returning errors it could be that they have removed him.
I can tell you right now, when virtual servers get hit with a DDoS and the account is not a lot of money, most places will simple remove the account.
Seems weird they haven't removed his DNS entry however.
I wouldn't like to be hosted at any company that rebuilds two critical components on the same day [even if hacked!]
Posted by: dave at January 11, 2006 01:09 PM (CcXvt)
13
Hagman says he has been ill in the podcast I'm listening to it now.
Posted by: Howie at January 11, 2006 01:12 PM (D3+20)
14
could just be a billing problem then?
Posted by: dave at January 11, 2006 01:13 PM (CcXvt)
15
or it could be the europeans again
Posted by: rob at January 11, 2006 01:47 PM (QpkBe)
16
Well, seems to somewhat work from here, gives a
Welcome to the Northeast Intelligence Network...
We are the leader in providing information about terrorism, terrorist threats and terrorist events to the public. We provide the truth about the threats we face through our investigation and research.
We dare to go where the media DOES NOT, most researchers CANNOT, and where most investigators WILL NOT...
"Biblebiblebible..."Joh .;..
And then gets stuck on loading something I have no patience or interrest to wait for. Told a fellow to see what it is (trice the speed in his conn.), said it was a pop-up animation of a provocative type, and that I should just see for myself. I suggest he's lying to waste my time or he got some virus from it and tries a mild revenge, anyways, you check it out if you can.
Posted by: A Finn at January 11, 2006 02:03 PM (lGolT)
17
Up and working now, so Dave's explanation probably correct.
Posted by: Rusty at January 11, 2006 02:10 PM (JQjhA)
18
still not working here.
Posted by: Howie at January 11, 2006 02:16 PM (D3+20)
19
He's a braver soul that I, running such a controversial site on a virtual host, that's just asking for Jihadi ownage.
Posted by: dave at January 11, 2006 02:41 PM (CcXvt)
Hide Comments
| Add Comment
