forwarding on behalf of Tony Cooke ... Josh -----Original Message----- From: Cooke, Tony [mailto:tony.cooke§deacons.com.au] Sent: Friday, 21 September 2001 15:36 To: 'Rowe, Joshua' Subject: RE: [DNS] Internet Domain Names May Have Warned of Attacks I sent this this to the list this morning, but it didn't make it for some reason or another. Josh Interesting article, but I can't seem to verify it. none of the names suggested in it give any results like those suggested. Some are registered, but at times that don't match what is being said, and they were registered after the Attack. 1. [whois.crsnic.net]Whois Server Version 1.3Domain names in the .com, .net, and .org domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: ATTACKONTWINTOWERS.COM Registrar: BULKREGISTER.COM, INC. Whois Server: whois.bulkregister.com Referral URL: http://www.bulkregister.com Name Server: DNS3.PIXELGATE.NET Name Server: DNS1.PIXELGATE.NET Updated Date: 11-sep-2001 The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and Registrars. [whois.bulkregister.com] Evolution R 2591 Fallon Circle Simi Valley, Ca 93065 US Domain Name: ATTACKONTWINTOWERS.COM Administrative Contact: Keith Ramirez sales§evolutionr.net Evolution R 2591 Fallon Circle Simi Valley, Ca 93065 US Phone- 805-520-7787 Fax- Technical Contact: Keith Ramirez sales§evolutionr.net Evolution R 2591 Fallon Circle Simi Valley, Ca 93065 US Phone- 805-520-7787 Fax- Record updated on 2001-09-11 13:23:53. Record created on 2001-09-11. Record expires on 2002-09-11. Database last updated on 2001-09-20 16:52:07 EST. Domain servers in listed order: DNS1.PIXELGATE.NET 209.239.252.99 DNS3.PIXELGATE.NET 209.239.240.99 2. [whois.crsnic.net]Whois Server Version 1.3Domain names in the .com, .net, and .org domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: WORLDTRADECENTERBOMBS.COM Registrar: INTERCOSMOS MEDIA GROUP,INC Whois Server: whois.directnic.com Referral URL: http://www.directnic.com Name Server: NS0.DIRECTNIC.COM Name Server: NS1.DIRECTNIC.COM Updated Date: 13-sep-2001 The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and Registrars. [whois.directnic.com] Registrant: Prime Item Promotions 3552 Promontory Street San Diego, Ca 92109 US Domain Name: WORLDTRADECENTERBOMBS.COM Administrative Contact: Zugel, Duane primeitem§hotmail.com 3552 Promontory Street San Diego, Ca 92109 US 619-379-2559 Technical Contact: Zugel, Duane primeitem§hotmail.com 3552 Promontory Street San Diego, Ca 92109 US 619-379-2559 Billing Contact: Zugel, Duane primeitem§hotmail.com 3552 Promontory Street San Diego, Ca 92109 US 619-379-2559 Record last updated on 13-Sep-2001. Record expires on 13-Sep-2002. Record Created on 13-Sep-2001. Domain servers in listed order: NS0.DIRECTNIC.COM 66.79.10.199 NS1.DIRECTNIC.COM 64.38.245.203 -----Original Message----- From: Rowe, Joshua [mailto:Joshua.Rowe§auspost.com.au] Sent: Friday, 21 September 2001 10:01 AM To: Dns List (E-mail 2) Subject: [DNS] Internet Domain Names May Have Warned of Attacks Internet Domain Names May Have Warned of Attacks By Jeff Johnson CNSNews.com Congressional Bureau Chief September 19, 2001 http://www.cnsnews.com/ViewNation.asp?Page=/Nation/archive/200109/NAT2001091 9d.html (CNSNews.com) - The terrorists who planned and executed the September 11 attack on America may have registered as many as 20 Internet domain names, or web addresses, that experts believe should have warned authorities of a possible assault on the World Trade Center in New York City. Internet domain names like 'attackontwintowers.com' and 'worldtradetowerattack.com' were registered more than a year ago. It's not known at this time who registered the suspicious names or what their purpose was. "It's unbelievable that they (the registration company) would register these domain names, probably without any comment to the FBI," according to Neil Livingstone, head of Global Options LLC, a Washington, D.C.-based counter-terrorism and investigation company. "If they did make a comment to the FBI, it's unbelievable that the FBI didn't react to it," he added. A spokeswoman in the FBI press office would only say that the agency will not comment on its investigation into the attacks. According to Livingstone, at least 17 domain names, including 'pearlharborinmanhattan.com' and 'worldtradetowerstrike.com,' were registered as early as June 2000, 15 months prior to the attacks. Two of the domain names contained the dates August 11 and September 29, which Livingstone said may have indicated the window of opportunity during which the attackers planned to strike. He also dismissed speculation that the domain names were a reference to the bombing of the World Trade Center eight years ago. "You have two other names containing 2001, so there's no confusion over the 1993 World Trade Center attack." To protect his sources, Livingstone would not say with which company the domain names in question were registered. He had no information about the identity of the person or people who registered the names. A domain name search Tuesday indicated that hundreds of web addresses containing references to the terrorist attacks were registered in the past week, and four of the older domain names provided by Livingstone have already been re-registered. Domain name registrants are required to use a credit card for payment, and must provide administrative, technical, and billing contact information. That information, except the credit card data, is available to the public as long as the registration is kept current. Livingstone indicated that the required use of a credit card should mean that authorities would at least have a starting point to investigate the registrant. "This is something that someone should have noticed," he said, "but privacy issues probably kept it from being noticed." Telephone calls to several domain name registration companies Tuesday were not returned. The website for Network Solutions, the world's largest domain name registrar, included a privacy statement indicative of industry standards regarding confidentiality: "We will not share such information with other third parties, except in response to formal requests (e.g., subpoena or court order) made in connection with litigation or arbitration proceedings directly relating to a domain name registration or other services we provide." Former CIA Director James Woolsey said current laws make it difficult for the FBI to get a warrant for electronic surveillance and wiretaps, or to recruit informants based on actions such as registering threatening domain names. "There would not be enough material that is close enough to a specific crime for an investigation to be opened," Woolsey said. But Livingstone believes authorities should have the right to investigate inflammatory rhetoric, even something as simple as the registration of a web address that might indicate criminal intent. "Something like this ought to come to our attention, and we ought to investigate whether you do intend to act on it, or whether you're just a nut case out there who's just venting," he said. The attackers might have been planning a propaganda campaign following the attacks, according to Livingstone. "Maybe their success was so overwhelming that they didn't need to use this," he said. "Or they may have decided it was too dangerous to do." Domain names on the list provided to Livingstone by an industry insider included: "attackamerica.com," "attackonamerica.com," "attackontwintowers.com," "august11horror.com," "august11terror.com" "horrorinamerica.com," "horrorinnewyork.com," "nycterroriststrike.com," "pearlharborinmanhattan.com," "terrorattack2001.com," "towerofhorror.com," "tradetowerstrike.com," "worldtradecenter929.com," "worldtradecenterbombs.com," "worldtradetowerattack.com," "worldtradetowerstrike.com," "wterroristattack2001.com." CAUTION This e-mail and any files transmitted with it are privileged and confidential information intended for the use of the addressee. The confidentiality and/or privilege in this e-mail is not waived, lost or destroyed if it has been transmitted to you in error. If you have received this e-mail in error you must (a) not disseminate, copy or take any action in reliance on it; (b) please notify Australia Post immediately by return e-mail to the sender; and (c) please delete the original e-mail. -- This article is not to be reproduced or quoted beyond this forum without express permission of the author. 334 subscribers. Archived at http://listmaster.iinet.net.au/list/dns (user: dns, pass: dns) Email "unsubscribe" to dns-request§auda.org.au to be removed. CAUTION This e-mail and any files transmitted with it are privileged and confidential information intended for the use of the addressee. The confidentiality and/or privilege in this e-mail is not waived, lost or destroyed if it has been transmitted to you in error. If you have received this e-mail in error you must (a) not disseminate, copy or take any action in reliance on it; (b) please notify Australia Post immediately by return e-mail to the sender; and (c) please delete the original e-mail. -- This article is not to be reproduced or quoted beyond this forum without express permission of the author. 334 subscribers. Archived at http://listmaster.iinet.net.au/list/dns (user: dns, pass: dns) Email "unsubscribe" to dns-request§auda.org.au to be removed.Received on Sun Sep 23 2001 - 15:02:04 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:04 UTC