Re: DNS of FreeBSD.org been Attacked!?



Hello,


C:\Documents and Settings\Administrator>nslookup ftp11.tw.freebsd.org 168.95.1.1

Server: dns.hinet.net
Address: 168.95.1.1

Name: ftp11.tw.freebsd.org.com.tw
^^^^^^^^
You seem to nslookup "ftp11.tw.freebsd.org.COM.TW". If it's right,

Address: 82.98.86.170

is correct as follows:

$ dig A ftp11.tw.freebsd.org.com.tw

; <<>> DiG 9.2.4 <<>> A ftp11.tw.freebsd.org.com.tw
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53400
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ftp11.tw.freebsd.org.com.tw. IN A

;; ANSWER SECTION:
ftp11.tw.freebsd.org.com.tw. 600 IN A 82.98.86.170

So you had better check your PC's settings.


BTW, a wild card record(*.org.com.tw) is probably used. For example, I
got same results with following queries:

$ dig A foo.bar.freebsd.org.com.tw
$ dig A foo.bar.org.com.tw
$ dig A foo.org.com.tw


Best regards.

-----
UEDA Hiroyuki <ueda@xxxxxxxxxxxxxxx>
Netforest Inc., JAPAN

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages