Date: Thu, 9 Dec 2010 15:56:36 -0500 From: Chris Brennan <xaero@xaerolimit.net> To: Paul Macdonald <paul@ifdnrg.com> Cc: FreeBSD Questions <questions@freebsd.org> Subject: Re: more dns weirdness Message-ID: <AANLkTimt5xb640wFxvNSzAa2H903p77NpjcDKReyn1KA@mail.gmail.com> In-Reply-To: <4D013ECD.7090102@ifdnrg.com> References: <4D013ECD.7090102@ifdnrg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 9, 2010 at 3:40 PM, Paul Macdonald <paul@ifdnrg.com> wrote: > > still debugging dns issues that are no doubt to do with wider issues: > > someone here might know who to tell? > > #whois amazon.com > > Whois Server Version 2.0 > > Domain names in the .com and .net domains can now be registered > with many different competing registrars. Go to http://www.internic.net > for detailed information. > > AMAZON.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM > AMAZON.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM > AMAZON.COM.IS.N0T.AS.1337.AS.WWW.GULLI.COM > AMAZON.COM.BLACKSWANSBOOKS.COM > AMAZON.COM > > I'll take a stab in the dark as to the cause, but not to whom is responsible. This looks like an erroneous DNS Injection. An attempt to inject false/misleading dns entries into [or before] a valid dns server serves a reply. This is usually contributed to a bad admin who improperly secured his/her DNS server or a malicious admin with the intent to wreak havoc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimt5xb640wFxvNSzAa2H903p77NpjcDKReyn1KA>