lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: hhoffman at ip-solutions.net (Harry Hoffman)
Subject: Whois acting funny in FreeBSD

Did you read Randall Schwartz's commentary on why this happens?

Quoting "Bassett, Mark" <mbassett@...ha.com>:

*> One more update ( sorry for the multiple postings..
*> 
*> So looks like whois.godaddy.com   whois.gandi.net and
*> whois.itsyourdomain.com are the offenders.
*> 
*> 
*> Server Name: MSN.COM.TW
*>    Registrar: GO DADDY SOFTWARE, INC.
*>    Whois Server: whois.godaddy.com
*>    Referral URL: http://registrar.godaddy.com
*> 
*> 
*> 
*>    Server Name: MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*>    IP Address: 80.190.192.23
*>    Registrar: GANDI
*>    Whois Server: whois.gandi.net
*>    Referral URL: http://www.gandi.net
*> 
*> 
*> Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*>    IP Address: 80.190.192.24
*>    Registrar: GANDI
*>    Whois Server: whois.gandi.net
*>    Referral URL: http://www.gandi.net
*> 
*> 
*> 
*>    Server Name:
*> GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
*>    IP Address: 209.187.114.130
*>    Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
*>    Whois Server: whois.itsyourdomain.com
*>    Referral URL: http://www.itsyourdomain.com
*> 
*> 
*> 
*>    Domain Name: GOOGLE.COM
*>    Registrar: ALLDOMAINS.COM INC.
*>    Whois Server: whois.alldomains.com
*>    Referral URL: http://www.alldomains.com
*>    Name Server: NS2.GOOGLE.COM
*>    Name Server: NS1.GOOGLE.COM
*>    Name Server: NS3.GOOGLE.COM
*>    Name Server: NS4.GOOGLE.COM
*> 
*> Mark Bassett
*> Network Administrator
*> World media company
*> Omaha.com
*> 402-898-2079
*> 
*> 
*> 
*> -----Original Message-----
*> From: Chris McGinnis [mailto:chrism@...ireless.com]
*> Sent: Tuesday, December 30, 2003 12:43 PM
*> To: full-disclosure@...ts.netsys.com
*> Subject: [Full-Disclosure] Whois acting funny in FreeBSD
*> 
*> Today I've noticed something weird on all my FreeBSD boxes.  When I
*> whois
*> domains like msn.com, microsoft.com, aol.com and others I get stuff
*> like:
*> 
*> $ whois msn.com
*> 
*> Whois Server Version 1.3
*> 
*> Domain names in the .com and .net domains can now be registered
*> with many different competing registrars. Go to http://www.internic.net
*> for detailed information.
*> 
*> MSN.COM.TW
*> MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*> MSN.COM
*> 
*> My linux boxes seem to work fine.  When I query a specific whois server
*> such as whois.networksolutions.com it works fine also.  Is anyone else
*> getting anything like this?  I'm thinking maybe the default whois server
*> 
*> that the whois program queries has been compromised?  I'm not sure what
*> the
*> default whois server is.
*> 
*> -Chris
*> 
*> 
*> _______________________________________________
*> Full-Disclosure - We believe in it.
*> Charter: http://lists.netsys.com/full-disclosure-charter.html
*> 
*> 
*> ************************************************************
*> Omaha World-Herald Company computer systems are for business use only.
*> This e-mail was scanned by MailSweeper
*> ************************************************************
*> 
*> _______________________________________________
*> Full-Disclosure - We believe in it.
*> Charter: http://lists.netsys.com/full-disclosure-charter.html
*> 


-- 
Harry Hoffman
hhoffman@...solutions.net

#----------------------------------------------------------------#
# Harry: version 4.0a                                            #
# Known bugs:                                                    #
# 1) Verbal output may occur before data processing is complete. #
# 2) Loudspeaker option may activate without being invoked.      #
# 3) Other bugs as reported                                      #
#----------------------------------------------------------------#

-------------------------------------------------
This mail sent through IpSolutions: http://www.ip-solutions.net/


Powered by blists - more mailing lists