lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <3E71BE64C6ECD8449CD5A236F700FA96B87872@odcexch.wei.owhc.net>
From: mbassett at omaha.com (Bassett, Mark)
Subject: Whois acting funny in FreeBSD

One more update ( sorry for the multiple postings..

So looks like whois.godaddy.com   whois.gandi.net and
whois.itsyourdomain.com are the offenders.


Server Name: MSN.COM.TW
   Registrar: GO DADDY SOFTWARE, INC.
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
 
 
 
   Server Name: MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
   IP Address: 80.190.192.23
   Registrar: GANDI
   Whois Server: whois.gandi.net
   Referral URL: http://www.gandi.net


Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
   IP Address: 80.190.192.24
   Registrar: GANDI
   Whois Server: whois.gandi.net
   Referral URL: http://www.gandi.net
 
 
 
   Server Name:
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
   IP Address: 209.187.114.130
   Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
   Whois Server: whois.itsyourdomain.com
   Referral URL: http://www.itsyourdomain.com
 
 
 
   Domain Name: GOOGLE.COM
   Registrar: ALLDOMAINS.COM INC.
   Whois Server: whois.alldomains.com
   Referral URL: http://www.alldomains.com
   Name Server: NS2.GOOGLE.COM
   Name Server: NS1.GOOGLE.COM
   Name Server: NS3.GOOGLE.COM
   Name Server: NS4.GOOGLE.COM

Mark Bassett
Network Administrator
World media company
Omaha.com
402-898-2079



-----Original Message-----
From: Chris McGinnis [mailto:chrism@...ireless.com] 
Sent: Tuesday, December 30, 2003 12:43 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Whois acting funny in FreeBSD

Today I've noticed something weird on all my FreeBSD boxes.  When I
whois 
domains like msn.com, microsoft.com, aol.com and others I get stuff
like:

$ whois msn.com

Whois Server Version 1.3

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

MSN.COM.TW
MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
MSN.COM

My linux boxes seem to work fine.  When I query a specific whois server 
such as whois.networksolutions.com it works fine also.  Is anyone else 
getting anything like this?  I'm thinking maybe the default whois server

that the whois program queries has been compromised?  I'm not sure what
the 
default whois server is.

-Chris


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


************************************************************
Omaha World-Herald Company computer systems are for business use only.
This e-mail was scanned by MailSweeper
************************************************************


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ