August 10th, 2001, 02:12 AM
I have several domain names registered and hosted on my own servers, which are co-located at my 2 service providers. Both service providers are in Florida but located in different parts of the state, approx. 3 to 400 miles apart.
Several days ago one of the domains quit being queried from my DNS servers. To go into more detail: all but 2 records would respond to my nslookup queries. Both are A records, and both are the records registered with InterNIC as host DNS servers for all my other domains. Any other records within that zone (CNAME and MX are the primary two that I use, but I tried several other record types) seem to have disappeared off the Internet unless I was using my DNS servers. I even tried deleting the entry out of boot and letting the TTL expire to see if another server was hosting the entries, and concluded that somewhere out there is a server with my domain in it with only those two A records listed.
Is this a zone/domain spoof?
How do I track down what DNS server is doing the spoofing?
How do I gain back control?
Is this something I should report to the authorities such as the FBI?
Please respond either to this post or to email@example.com