[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Whois acting funny in FreeBSD
- To: full-disclosure@lists.netsys.com
- Subject: RE: [Full-Disclosure] Whois acting funny in FreeBSD
- From: Harry Hoffman <hhoffman@ip-solutions.net>
- Date: Tue, 30 Dec 2003 16:22:08 -0500
Did you read Randall Schwartz's commentary on why this happens?
Quoting "Bassett, Mark" <mbassett@omaha.com>:
*> One more update ( sorry for the multiple postings..
*>
*> So looks like whois.godaddy.com whois.gandi.net and
*> whois.itsyourdomain.com are the offenders.
*>
*>
*> Server Name: MSN.COM.TW
*> Registrar: GO DADDY SOFTWARE, INC.
*> Whois Server: whois.godaddy.com
*> Referral URL: http://registrar.godaddy.com
*>
*>
*>
*> Server Name: MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*> IP Address: 80.190.192.23
*> Registrar: GANDI
*> Whois Server: whois.gandi.net
*> Referral URL: http://www.gandi.net
*>
*>
*> Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*> IP Address: 80.190.192.24
*> Registrar: GANDI
*> Whois Server: whois.gandi.net
*> Referral URL: http://www.gandi.net
*>
*>
*>
*> Server Name:
*> GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
*> IP Address: 209.187.114.130
*> Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
*> Whois Server: whois.itsyourdomain.com
*> Referral URL: http://www.itsyourdomain.com
*>
*>
*>
*> Domain Name: GOOGLE.COM
*> Registrar: ALLDOMAINS.COM INC.
*> Whois Server: whois.alldomains.com
*> Referral URL: http://www.alldomains.com
*> Name Server: NS2.GOOGLE.COM
*> Name Server: NS1.GOOGLE.COM
*> Name Server: NS3.GOOGLE.COM
*> Name Server: NS4.GOOGLE.COM
*>
*> Mark Bassett
*> Network Administrator
*> World media company
*> Omaha.com
*> 402-898-2079
*>
*>
*>
*> -----Original Message-----
*> From: Chris McGinnis [mailto:chrism@t3wireless.com]
*> Sent: Tuesday, December 30, 2003 12:43 PM
*> To: full-disclosure@lists.netsys.com
*> Subject: [Full-Disclosure] Whois acting funny in FreeBSD
*>
*> Today I've noticed something weird on all my FreeBSD boxes. When I
*> whois
*> domains like msn.com, microsoft.com, aol.com and others I get stuff
*> like:
*>
*> $ whois msn.com
*>
*> Whois Server Version 1.3
*>
*> Domain names in the .com and .net domains can now be registered
*> with many different competing registrars. Go to http://www.internic.net
*> for detailed information.
*>
*> MSN.COM.TW
*> MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
*> MSN.COM
*>
*> My linux boxes seem to work fine. When I query a specific whois server
*> such as whois.networksolutions.com it works fine also. Is anyone else
*> getting anything like this? I'm thinking maybe the default whois server
*>
*> that the whois program queries has been compromised? I'm not sure what
*> the
*> default whois server is.
*>
*> -Chris
*>
*>
*> _______________________________________________
*> Full-Disclosure - We believe in it.
*> Charter: http://lists.netsys.com/full-disclosure-charter.html
*>
*>
*> ************************************************************
*> Omaha World-Herald Company computer systems are for business use only.
*> This e-mail was scanned by MailSweeper
*> ************************************************************
*>
*> _______________________________________________
*> Full-Disclosure - We believe in it.
*> Charter: http://lists.netsys.com/full-disclosure-charter.html
*>
--
Harry Hoffman
hhoffman@ip-solutions.net
#----------------------------------------------------------------#
# Harry: version 4.0a #
# Known bugs: #
# 1) Verbal output may occur before data processing is complete. #
# 2) Loudspeaker option may activate without being invoked. #
# 3) Other bugs as reported #
#----------------------------------------------------------------#
-------------------------------------------------
This mail sent through IpSolutions: http://www.ip-solutions.net/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html