lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 9 May 2011 01:53:43 +0530
From: Sagar Belure <sagar.belure@...il.com>
To: Gustavo <gustavorobertux@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: WTF

Hi,

On Sat, May 7, 2011 at 12:19 AM, Gustavo <gustavorobertux@...il.com> wrote:
>
> WTF ?
>
> notebook:~$ ping www.compusa.com
> PING bh.georedirector.akadns.net (127.0.0.1) 56(84) bytes of data.
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.019 ms
>
> notebook:~$ ping www.tigerdirect.com
> PING bh.georedirector.akadns.net (127.0.0.1) 56(84) bytes of data.
> 64 bytes from localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.022 ms
>

Hehe...This is funny.
Well, to me, *bh.georedirector.akadns.net* seems to be the culprit.

Here is what I got on my box...

$ host compusa.com
compusa.com has address 206.191.131.89
compusa.com mail is handled by 10 mail.highspeedbackbone.net.
$ host www.compusa.com
www.compusa.com is an alias for compusa.syx.com.akadns.net.
compusa.syx.com.akadns.net is an alias for bh.georedirector.akadns.net.
bh.georedirector.akadns.net has address 127.0.0.1
$ host tigerdirect.com
tigerdirect.com has address 206.191.131.89
tigerdirect.com mail is handled by 10 mail.highspeedbackbone.net.
$ host www.tigerdirect.com
www.tigerdirect.com is an alias for wwwtigerdirect.syx.com.akadns.net.
wwwtigerdirect.syx.com.akadns.net is an alias for bh.georedirector.akadns.net.
bh.georedirector.akadns.net has address 127.0.0.1

Even if you ask same questions to OpenDNS(208.67.222.222) or Google
DNS servers(8.8.8.8)
They say...

$ host bh.georedirector.akadns.net 208.67.222.222
Using domain server:
Name: 208.67.222.222
Address: 208.67.222.222#53
Aliases:

bh.georedirector.akadns.net has address 127.0.0.1
$ host bh.georedirector.akadns.net 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

bh.georedirector.akadns.net has address 127.0.0.1


OR asking same thing to some of Nameservers of akadns.net, I got...

$ host -t ns akadns.net
akadns.net name server eur1.akadns.net.
akadns.net name server zc.akadns.org.
akadns.net name server zd.akadns.org.
akadns.net name server use3.akadns.net.
akadns.net name server asia9.akadns.net.
akadns.net name server zb.akadns.org.
akadns.net name server usw2.akadns.net.
akadns.net name server za.akadns.org.
akadns.net name server use4.akadns.net.
$ host bh.georedirector.akadns.net eur1.akadns.net
Using domain server:
Name: eur1.akadns.net
Address: 195.59.44.134#53
Aliases:

bh.georedirector.akadns.net has address 127.0.0.1
$ host bh.georedirector.akadns.net asia9.akadns.net
Using domain server:
Name: asia9.akadns.net
Address: 222.122.64.133#53
Aliases:

bh.georedirector.akadns.net has address 127.0.0.1
$ host bh.georedirector.akadns.net za.akadns.org
Using domain server:
Name: za.akadns.org
Address: 96.6.112.198#53
Aliases:

bh.georedirector.akadns.net has address 127.0.0.1


Just my two cents.

BTW, if anyone has any idea, is this intentional or something?

Thanks,
Sagar Belure
Security Analyst
Secfence Technologies
www.secfence.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ