[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] I'm not the only one who can't resolve phishtank.com, but some can..

I get a valid answer as well:

Tracing to phishtank.com[a] via 127.0.0.1, maximum of 3 retries
127.0.0.1 (127.0.0.1)
 |\___ auth3.opendns.com [phishtank.com] (208.69.39.2) Got authoritative 
answer
 |\___ auth2.opendns.com [phishtank.com] (208.67.219.54) Got authoritative 
answer
  \___ auth1.opendns.com [phishtank.com] (38.99.14.20) Got authoritative 
answer

auth1.opendns.com (38.99.14.20)         phishtank.com -> 66.135.40.79
auth2.opendns.com (208.67.219.54)       phishtank.com -> 66.135.40.79
auth3.opendns.com (208.69.39.2)         phishtank.com -> 66.135.40.79


What'd I'd do is throw it in your hosts file temporarily until DNS behaves

On Sunday 25 March 2007 15:53, Tim wrote:
> Looks fine for me:
>
> ------------
>
> ; <<>> DiG 9.3.4 <<>> phishtank.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26391
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;phishtank.com.                       IN      A
>
> ;; ANSWER SECTION:
> phishtank.com.                42      IN      A       66.135.40.79
>
> ;; Query time: 4 msec
> ;; SERVER: 10.0.1.1#53(10.0.1.1)
> ;; WHEN: Sun Mar 25 15:49:29 2007
> ;; MSG SIZE  rcvd: 47
>
> -------------
>
> Do some of you happen to have a poisoned MS or Symantec DNS cache
> upstream of you?  (See [1] fmi.)
>
> tim
>
>
> 1.  http://www.incidents.org/presentations/dnspoisoning.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/