Al Jazeera interference is more than just DDoS
- 08 April, 2003 22:00
Some Kiwi internet commentators believe error messages returned from Al Jazeera’s English site indicate possible tampering with the domain-name server (DNS) structure.
Arabic satellite channel Al Jazeera, which has provided controversial coverage of the Iraqi war has experienced some strange goings-on with its website over the past few weeks.
After it published on television and the site, pictures of captured US prisoners of war and dead American soldiers, distributed denial of service attacks might, perhaps have been expected.
But error messages returned from Al Jazeera’s English site indicate possible tampering with the domain-name server (DNS) structure some local internet commentators say. The DNS is a fundamental part of navigation on the internet, and tampering with it is a deeper level of interference than DDoS.
PC World columnist Vik Olliver who has been exploring the problem with the New Zealand Linux Users Group, drew this conclusion after attempts to reach www.aljazeera.info last month returned the message: "connection timed out; no servers could be reached."
“A DDoS attack will not remove an entry from a DNS server," Olliver says. "There is a different error if a domain server cannot be contacted at all. It looks like someone actually pulled the files from the DNS server - the error was returned by the server after all, so it could be reached - and that would involve a US domain server security breach of serious proportions - unless it was deliberate."
An article in Melbourne's The Age reported similar suspicions.
InternetNZ executive director Peter Macaulay says that if there has been any tampering either with the site directly or with the DNS structure that was against the policies of InternetNZ and any equivalent organisation in other countries.
"Doing damage to a site [in a way that looks like an attempt to restrict freedom of information] would rebound on you; it would make you look like you're anti-freedom.
"I can't imagine what would lead anyone to do this; I just hope it's not a counter-intelligence or government move."
InternetNZ has no information on whether DNS tampering its involved, says Macaulay.
"All I can get at the moment at their English site is a temporary page with headlines only, and you can't drill down," he said yesterday.
Al Jazeera’s English-language server has now relocated to France, after its US upstream provider “pulled the plug”. It hoped for greater security from DNS interference or denial of service in France, but the site is still showing erratic behaviour, Olliver said last week.
Confirming the DNS suspicions, Olliver adds, “I also suspect that a whole raft of things are affecting access.
“Funny things are going on with the English site. It keeps switching between Linux and Microsoft servers. Currently it is on an incorrectly configured, or cracked Microsoft server.”
A projected deal with US-based Akamai to mirror Al Jazeera's English site was cancelled at about that time. Akamai declines to give a reason.