[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <3E71BE64C6ECD8449CD5A236F700FA96B87872@odcexch.wei.owhc.net>
From: mbassett at omaha.com (Bassett, Mark)
Subject: Whois acting funny in FreeBSD
One more update ( sorry for the multiple postings..
So looks like whois.godaddy.com whois.gandi.net and
whois.itsyourdomain.com are the offenders.
Server Name: MSN.COM.TW
Registrar: GO DADDY SOFTWARE, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Server Name: MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
IP Address: 80.190.192.23
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net
Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
IP Address: 80.190.192.24
Registrar: GANDI
Whois Server: whois.gandi.net
Referral URL: http://www.gandi.net
Server Name:
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
IP Address: 209.187.114.130
Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
Whois Server: whois.itsyourdomain.com
Referral URL: http://www.itsyourdomain.com
Domain Name: GOOGLE.COM
Registrar: ALLDOMAINS.COM INC.
Whois Server: whois.alldomains.com
Referral URL: http://www.alldomains.com
Name Server: NS2.GOOGLE.COM
Name Server: NS1.GOOGLE.COM
Name Server: NS3.GOOGLE.COM
Name Server: NS4.GOOGLE.COM
Mark Bassett
Network Administrator
World media company
Omaha.com
402-898-2079
-----Original Message-----
From: Chris McGinnis [mailto:chrism@...ireless.com]
Sent: Tuesday, December 30, 2003 12:43 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Whois acting funny in FreeBSD
Today I've noticed something weird on all my FreeBSD boxes. When I
whois
domains like msn.com, microsoft.com, aol.com and others I get stuff
like:
$ whois msn.com
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
MSN.COM.TW
MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
MSN.COM
My linux boxes seem to work fine. When I query a specific whois server
such as whois.networksolutions.com it works fine also. Is anyone else
getting anything like this? I'm thinking maybe the default whois server
that the whois program queries has been compromised? I'm not sure what
the
default whois server is.
-Chris
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
************************************************************
Omaha World-Herald Company computer systems are for business use only.
This e-mail was scanned by MailSweeper
************************************************************
Powered by blists - more mailing lists