Al Jazeera interference may be more than just DDoS

Some New Zealand-based Internet commentators believe error messages returned from Al Jazeera’s English site indicate possible tampering with the domain-name server (DNS) structure.

Arabic satellite channel Al Jazeera, which has provided controversial coverage of the Iraqi war has experienced some strange goings-on with its Web site over the past few weeks.

After it published on television and the site, pictures of captured US prisoners of war and dead American soldiers, distributed denial of service (DDoS) attacks might, perhaps have been expected.

But error messages returned from Al Jazeera’s English site indicate possible tampering with the DNS structure, according to local Internet commentators. The DNS is a fundamental part of navigation on the Internet, and tampering with it is a deeper level of interference than DDoS.

PC World columnist Vik Olliver who has been exploring the problem with the New Zealand Linux Users Group, drew this conclusion after attempts to reach last month returned the message: “connection timed out; no servers could be reached.”

“A DDoS attack will not remove an entry from a DNS server,” Olliver said. “There is a different error if a domain server cannot be contacted at all. It looks like someone actually pulled the files from the DNS server – the error was returned by the server after all, so it could be reached – and that would involve a US domain server security breach of serious proportions – unless it was deliberate.”

An article in Melbourne, Australia-based The Age reported similar suspicions.

InternetNZ executive director Peter Macaulay said that if there has been any tampering either with the site directly or with the DNS structure that was against the policies of InternetNZ and any equivalent organization in other countries.

“Doing damage to a site (in a way that looks like an attempt to restrict freedom of information) would rebound on you. It would make you look like you’re anti-freedom.

“I can’t imagine what would lead anyone to do this; I just hope it’s not a counter-intelligence or government move.”

InternetNZ has no information on whether DNS tampering its involved, said Macaulay.

“All I can get at the moment at their English site is a temporary page with headlines only, and you can’t drill down,” he said yesterday.

Al Jazeera’s English-language server has now relocated to France, after its U.S. upstream provider “pulled the plug.” It hoped for greater security from DNS interference or denial of service in France, but the site is still showing erratic behaviour, Olliver said last week.

Confirming the DNS suspicions, Olliver adds, “I also suspect that a whole raft of things are affecting access.

“Funny things are going on with the English site. It keeps switching between Linux and Microsoft servers. Currently it is on an incorrectly configured, or cracked Microsoft server.”

A projected deal with U.S.-based Akamai Technologies Inc. to mirror Al Jazeera’s English site was cancelled at about that time. Akamai declines to give a reason.