[rescue] whois advice needed

[Scott Newell]

At 05:43 PM 8/28/2012, Jonathan Patschke wrote:
>On Tue, 28 Aug 2012, Robert Novak wrote:
>
>>That kinda assumes that the people in the "someone else's domain" are
>>paying attention at all, which if they haven't noticed no DNS results for
>>their domain yet... is unlikely?

I emailed the tech contact Sunday (the email is on a different 
domain), but I can't be certain that section of whois info is correct 
either.  The industry type matches, but the company names do not.  No 
reply yet.


>Most likely what's happened is that the customer mis-typed one of the
>nameserver IPs for the domain.  If it's just getting NXDOMAIN, then
>"sometimes the site doesn't load right away."

Due to the timing of the error, I'm fairly certain the mistake is on dotster.

It's not just one nameserver that's wrong, they copied my entire NS 
section.  The wrong domain has seven (the auth ns I'm running, my VPS 
host's slave, buddyns, and some other free slave ns servers) listed, 
in the same order as my domain.


>If it comes up as "Someone just registered your domain through Namecheap,"
>someone will notice.
>
>If they're _all_ mistyped, the same thing holds.  "This stupid thing
>doesn't work *wham wham wham*" versus "ZOMG who stole my domain?!"

I did some googling, and didn't find any cached website info.  (But I 
did see it used for email.)  It's a commercial chemical distiller, 
rust-belt and old.  They may have been bought out and this domain 
name used for the old email contacts.  That might explain why they've 
not noticed it's gone dark.

I don't want to play games and punish the other domain; I think 
they're the victims in this cock-up, even if they've yet to 
notice.  There's not enough traffic to cause a problem yet--they're 
running about 4-6 times the volume of my legit DNS traffic--but 
someone is trying to reach them.

I must admit, it's been fun troubleshooting this one.


thanks!

-- 
newell  N5TNL