Date: Thu, 18 Nov 1999 08:45:18 -0700 (MST) From: David G Andersen <danderse@cs.utah.edu> To: bsd@a.servers.aozilla.com (Mr. K.) Cc: danderse@cs.utah.edu, freebsd-security@FreeBSD.ORG Subject: Re: localhost.org Message-ID: <199911181545.IAA27842@faith.cs.utah.edu> In-Reply-To: <Pine.BSF.3.96.991118103700.638A-100000@inbox.org> from "Mr. K." at Nov 18, 99 10:41:24 am
next in thread | previous in thread | raw e-mail | index | archive | help
Look at your /etc/resolv.conf It should say something like: domain inbox.org nameserver foo nameserver bar But in reality, yours probably looks like: search inbox.org search org nameserver foo nameserver bar Remove that "search org" line. (Alternately, you might have a "domain org" which would be even worse. :-) -Dave Lo and behold, Mr. K. once said: > > I thought it's automatically there because inbox.org is my domain name. I > actually can't figure out how to fix this, without setting myself as > authoritative for localhost.org. I'm probably just overlooking something > though. > > On Thu, 18 Nov 1999, David G Andersen wrote: > > > But why in the world do you have .org in your search path? > > > > ... it's like leaving "." in root's executable search path: just don't do > > it. The only things in your nameserver search space should be domains you > > trust, or obviously, people are going to be able to pull things like that. > > > > -Dave > > > > Lo and behold, Mr. K. once said: > > > > > > this is really bad... today when i got to my computer i noticed that > > > mysql was broken. the message was "Can't connect to MySQL server on > > > localhost". so after half an hour of debugging (and rebooting my server > > > :(, bye uptime), I did a telnet localhost 3306 (the mysql port). lo and > > > behold, I notice: > > > > > > # telnet localhost 3306 > > > Trying 208.211.134.100... > > > telnet: Unable to connect to remote host: Connection refused > > > # nslookup localhost > > > Server: inbox.org > > > Address: 0.0.0.0 > > > > > > Non-authoritative answer: > > > Name: localhost.org > > > Address: 208.211.134.100 > > > > > > ouch. time to reset all my passwords, as this bozo could have stolen them > > > all. I don't know why this just started happening, unless the bozo just > > > registered the domain name, which is why I'm sending along this warning to > > > everyone on here. > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > -- > > work: dga@lcs.mit.edu me: dga@pobox.com > > MIT Laboratory for Computer Science http://www.angio.net/ > > > -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911181545.IAA27842>