DNS of FreeBSD.org been Attacked!?
Bogdan Ćulibrk
bc at default.rs
Tue Mar 24 01:52:16 PDT 2009
UEDA Hiroyuki wrote:
> Hello,
>
>
>> C:\Documents and Settings\Administrator>nslookup ftp11.tw.freebsd.org 168.95.1.1
>>
>> Server: dns.hinet.net
>> Address: 168.95.1.1
>>
>> Name: ftp11.tw.freebsd.org.com.tw
> ^^^^^^^^
> You seem to nslookup "ftp11.tw.freebsd.org.COM.TW". If it's right,
>
>> Address: 82.98.86.170
>
> is correct as follows:
>
> $ dig A ftp11.tw.freebsd.org.com.tw
>
> ; <<>> DiG 9.2.4 <<>> A ftp11.tw.freebsd.org.com.tw
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53400
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ftp11.tw.freebsd.org.com.tw. IN A
>
> ;; ANSWER SECTION:
> ftp11.tw.freebsd.org.com.tw. 600 IN A 82.98.86.170
>
> So you had better check your PC's settings.
>
>
> BTW, a wild card record(*.org.com.tw) is probably used. For example, I
> got same results with following queries:
>
> $ dig A foo.bar.freebsd.org.com.tw
> $ dig A foo.bar.org.com.tw
> $ dig A foo.org.com.tw
>
An epic fail guy ;>
More information about the freebsd-security
mailing list