News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
May 18, 2013, 08:56:07
linktree cexx.org - Support Forums  >  Everything Else  >  Bitch Board
linktree Topic: DNS cache poisoning again!
Pages: [1]   Go Down
« previous next »
  Print  
Topic: DNS cache poisoning again!  (Read 661 times)
0 Members and 1 Guest are viewing this topic.
« on: May 03, 2006, 02:59:01 »
AplusWebMaster Offline
Global Moderator WWW
Karma: 501
Posts: 7314
FYI...

- http://isc.sans.org/diary.php?storyid=1305
Last Updated: 2006-05-03 02:46:17 UTC
"DNS cache poisoning report. For background you may wish to review this report  http://isc.sans.org/presentations/dnspoisoning.php
and this issue about BIND 4 or 8 not being suitable as forwarders http://isc.sans.org/diary.php?date=2005-04-28

Next, a request. PLEASE review your dns servers logs and cache for 65.23.154.2 If you find it listed as authoritative for .com please send us an email with a dump of the dns cache. Directions for dumping, cleaning and protecting your cache are available in the write-up above.

Serverhome.com (65.23.154.2) is being reported for Kashpureff-style cache poisoning for the.com TLD.

This report shows there are about 16k domains hosted on this server.
http://www.ipwalk.com/webhost/total_domains/webhost_name/serverhome.com

Be careful if you look up one of those domains there is a good chance you will see extra RR records including ones that claim they are authoritative for .com ..."


(Much more detail at the ISC URL above.)

 Shocked
Logged
This machine has no brain.
....... Use your own.
Browser check for updates here.
.
 
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Page created in 0.158 seconds with 19 queries.