Site Navigation

Date:      Mon, 17 May 1999 23:31:06 +0000 (GMT)
From:      Terry Lambert <tlambert@primenet.com>
To:        spork@super-g.com (spork)
Cc:        freebsd-chat@FreeBSD.ORG
Subject:   Re: Weird "Advocacy"
Message-ID:  <199905172331.QAA28376@usr05.primenet.com>
In-Reply-To: <Pine.BSF.4.00.9905171803450.10184-100000@super-g.inch.com> from "spork" at May 17, 99 06:06:23 pm

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

> Last night we got hit with one of those "dictionary attack" mail spams
> where the spammer basically tries every username in a dictionary to get
> the spam through.  The funny thing is the name of the machine:
> 
> Received: from netppl.fi (monitor@get.freebsd.because.microsoftsucks.net
>     [209.3.31.115])  

[ ... ]

> Weird?  Malicious?  Why?

You need to look a little deeper next time:

% nslookup
> set q=any
> 115.31.3.209.in-addr.arpa.
[ ... ]

115.31.3.209.in-addr.arpa       name = get.freebsd.because.microsoftsucks.net
31.3.209.IN-ADDR.ARPA   nameserver = dns1.vdi.net
31.3.209.IN-ADDR.ARPA   nameserver = dns2.vdi.net
dns1.vdi.net    internet address = 209.3.31.32
dns2.vdi.net    internet address = 209.3.31.31
> server DNS1.VDI.NET
Default Server:  DNS1.VDI.NET
Address:  209.3.31.32

> ls microsoftsucks.net.
[DNS1.VDI.NET]
$ORIGIN microsoftsucks.net.
@                       1H IN A         209.3.31.16
we.all.know.that        1H IN A         207.206.55.157
kill.bill.gates.cause   1H IN A         209.201.94.137
bill.gates.has.more.money.than.me.so  1H IN A  209.201.94.136
get.freebsd.because     1H IN A         209.3.31.115
get.linux.because       1H IN A         209.201.94.132
bill.gates.swallows     1H IN A         209.3.31.111
pure-linux              1H IN A         209.3.31.27
knows                   1H IN A         209.201.94.135
windows98.is.proof      1H IN A         209.201.94.131
bill.gates.is.gay.and   1H IN A         142.207.10.6
linux.owns.and          1H IN A         142.207.10.6
bsd.rules.and           1H IN A         209.201.94.133
thinks.bill.gates.and   1H IN A         209.201.94.130
bitchx                  1H IN A         209.2.135.202
mail                    1H IN A         209.3.31.16
grep                    1H IN A         209.201.94.133
www                     1H IN A         209.3.31.16
everything.made.by      1H IN A         209.201.94.134
darkfires.rocks.but     1H IN A         209.3.31.4
incoming                1H IN A         209.3.31.16
freemail                1H IN A         209.3.31.16
>


					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199905172331.QAA28376>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact