From owner-freebsd-security Thu Nov 18 10: 7:19 1999 Delivered-To: freebsd-security@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id 15F5B14D82 for ; Thu, 18 Nov 1999 10:07:15 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) Received: from localhost (localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id KAA19275; Thu, 18 Nov 1999 10:06:51 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) To: "Mr. K." Cc: freebsd-security@FreeBSD.ORG Subject: Re: localhost.org In-reply-to: Your message of "Thu, 18 Nov 1999 10:13:58 EST." Date: Thu, 18 Nov 1999 10:06:51 -0800 Message-ID: <19271.942948411@localhost> From: "Jordan K. Hubbard" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Your DNS is screwed. Localhost should always resolve to 127.0.0.1 "locally" and never fall through to localhost.org. To wit: jkh@zippy-> telnet localhost Trying 127.0.0.1... - J > this is really bad... today when i got to my computer i noticed that > mysql was broken. the message was "Can't connect to MySQL server on > localhost". so after half an hour of debugging (and rebooting my server > :(, bye uptime), I did a telnet localhost 3306 (the mysql port). lo and > behold, I notice: > > # telnet localhost 3306 > Trying 208.211.134.100... > telnet: Unable to connect to remote host: Connection refused > # nslookup localhost > Server: inbox.org > Address: 0.0.0.0 > > Non-authoritative answer: > Name: localhost.org > Address: 208.211.134.100 > > ouch. time to reset all my passwords, as this bozo could have stolen them > all. I don't know why this just started happening, unless the bozo just > registered the domain name, which is why I'm sending along this warning to > everyone on here. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message