Panix - Public Access Networks Corporation

The Domain Hijacking - Frequently Asked Questions

This document covers some of the most frequently asked questions about this weekend's hijacking of the panix.com domain. If you have further questions which are not answered herein, please email staff@panix.com or call the office at 212-741-4400.

Why can I still not reach panix.com/mail.panix.com?
Though the domain was returned to our control Sunday evening, many systems across the Internet will retain the incorrect data for up to 24 hours. This is not mismanagement on their part; it's just an aspect of the way DNS (Domain Name Service) works. Your connectivity provider (or that of your correspondents) may still have the incorrect data cached. In that case, you (and they) can continue to use panix.net anyplace you would ordinarily use panix.com.

[Exception: Panix customers who normally provide their login information in the form username@panix.com should leave the login as "@panix.com".]

What happened to my mail in the interim?
Some mail, particularly mail sent at the beginning of the situation, would have been delivered normally (if the sender's DNS cache still had our original, correct data). After that, mail was delivered to an incorrect mail server, where it was accepted and eventually returned to sender. Later in the weekend, the sender's server would have either failed delivery immediately (returning a bounce message to the sender) or queued the mail for a redelivery attempt; any queued mail should eventually find its way to us over the course of the next 12 hours or so.

We believe the administrators of the incorrect mail server to be an innocent third party, but if there was any sensitive data mailed to you during this period of time, it may be prudent to consider it compromised.

My domain is hosted at Panix, and my email address is @mydomain.com, not @panix.com. How was my email affected?
For the most part, not at all. The nature of the attack was such that we could take measures to redirect the delivery of hosted-domain email, though not @panix.com-bound email. There would have been a period of several hours midday Saturday when, depending on the DNS information on the sender's system, mail to your domain may have bounced. (However, it definitely would have bounced, not been delivered to the incorrect mail server as described in the previous answer.)

How long should I use/tell correspondents to use panix.net?
We believe that the false information in the Internet domain name system will have expired by Tuesday morning. We will monitor this situation as best we can and advise further on our main web page at http://www.panix.net.

How long will using panix.net be an alternative?
Although we will maintain our main web page at http://www.panix.net for the foreseeable future, we hope to remove the panix.net workarounds by Monday, January 24.

Is my password compromised?
We don't think so - as far as we can tell, the servers that our mail and Web traffic were misdirected to were not prompting for passwords or otherwise trying to pretend to be panix.com's servers. However, it is always prudent to change your password after an incident like this, and we encourage our customers to do so if they are concerned.

Who do I complain to?
We don't know yet. It's not supposed to be possible to transfer the ownership of someone's domain name without notifying both the domain owner and the current registrar, and yet it happened anyway. When we've gathered more information about what happened, we will try to address what went wrong with the system and what needs to be changed. Please check back at www.panix.com (or www.panix.net) in a few days.

Are you taking legal action?
Members of several law enforcement agencies in the US and at least three other countries have already been involved, and it is hoped the perpetrator(s) will be tracked down. We cannot discuss the investigation further.

What steps are you taking to make sure this doesn't happen again?
We are working with law enforcement agencies, registrars, and the global Internet registry to determine what happened and what changes are needed to protect the integrity of the domain name system. We hope to post more information about this as we learn more.



webmaster@panix.com
© Copyright 2005, Public Access Networks Corporation
15 West 18th St., 5th Fl., NY, NY 10011-4604