Re: Because Re: Why?



On Mon, 15 Dec 2008 11:28:15 -0000, ~BD~ wrote:

"Colton" <educability@xxxxxxxxx> wrote in message
news:497BE699-D8B9-4A2D-8371-96B3542B15CB@xxxxxxxxxxxxxxxx

Yes, why are we posting whois information for this IP address?

--

Dave, this is pretty annoying; posting your reply *after* a sig separator,
which causes a proper news reader to trim the quote, instead of mark it as a
quote. In fact, your post makes it appear not to be your post at all.

On to business ...

Just a silly idea of mine in view of the fact that the authenticity of
the URL seemed questionable, viz:-

Reverse DNS authenticity: **** Could be forged: hostname ****
202-177-16-121.kdd.net.hk. does not exist

Perhaps you should ask Peter Foldes (who first posted the URL) what
might happen if someone were to visit that site.

Nothing. I've been there. The "could be forged: hostname does not exist" is
not something Peter can control; he does not own that IP address. It is a
flaw in the way that 'kdd.net.hk' has set up their IP address host names,
nothing more. I've noticed that the APNIC ISPs tend to set up dynamic hosts
in unusual, and unexpected ways. I am not conversant in the requirements of
the RFCs, but I don't think an ISP is *required* to provide more than a
generic 'in-addr.arpa' pointer for a dynamically assigned IP address, thus:

| 12/15/08 14:28:20 dig 202.177.16.121 @ 68.94.156.1
| Dig 121.16.177.202.in-addr.arpa@xxxxxxxxxxx ...
| Non-authoritative answer
| Recursive queries supported by this server
| Query for 121.16.177.202.in-addr.arpa type=255 class=1
| 121.16.177.202.in-addr.arpa PTR (Pointer) 202-177-16-121.kdd.net.hk

Now, see what you can make of these:

| 12/15/08 14:29:23 dns aosake.net
| Mail for aosake.net is handled by reki.aosake.net
| Canonical name: aosake.net
| Addresses:
| 68.126.43.169

That is a vanity domain, though I prefer to think of it as a "hobby" domain.
I pay to use it. But I don't own that IP address, and can't control the host
name assigned to it (the IP address is under the control of AT&T Internet
Services (ATTIS), who determine what host name will be used).

Then there is:

| 12/15/08 14:43:39 dns www1.aosake.net
| Mail for www1.aosake.net is handled by reki.aosake.net
| Canonical name: aosake.net
| Aliases:
| www1.aosake.net
| Addresses:
| 68.126.43.169

But, if you do a DNS lookup on the IP address, you won't get my host name,
you get:

| 12/15/08 14:29:36 Dns 68.126.43.169
| nslookup 68.126.43.169
| Canonical name: adsl-68-126-43-169.dsl.pltn13.pacbell.net
| Addresses:
| 68.126.43.169

Which, on reverse lookup yields:

| 12/15/08 14:29:43 Dns adsl-68-126-43-169.dsl.pltn13.pacbell.net
| Canonical name: adsl-68-126-43-169.dsl.pltn13.pacbell.net
| Addresses:
| 68.126.43.169

There is no "hanky panky" here. Because AT&T assigns my IP address
dynamically, and it will change whenever either AT&T, or I, make a change in
the PPP session, I use the services of "Dynamic DNS Network Services, LLC"
to keep the domain pointed at whatever IP address is assigned at any given
time. It is just one way to keep a web site on the Internet; maybe not the
best because malicious characters can do the same thing. But it would more
than double my monthly ISP bill (as compared with the low annual fee I pay
DynDNS) to have a static IP address from AT&T (but I would be able to get
AT&T to change the reverse name to match my domain record).

As far as companies which pay for static IP address assignment, and/or
blocks of IP addresses, and/or control their own DNS records: Even they can
be compromised by malicious actors, hijacking their domains, or hacking
their web sites with malicious intent.

The Internet infrastructure, as currently used, was designed when the
Internet was totally under the control of the U.S. Department of Defense,
and access was limited, and granted by administrators who jealously guarded
the gates, lest they lose their own government granted rights of access.
Security was built in to the method used to vet those requesting Internet
access; it was, basically, a "need to know" sort of thing.

Then along came Al Gore ...

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.
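
Added example, not part of the original post: the forward-confirmed reverse DNS check that produces a "could be forged: hostname does not exist" result, run over lookup tables constructed from the records quoted above. The function names and the assumption that the kdd.net.hk name has no forward record (taken from the quoted message) are this example's own; `live_ptr` and `live_a` can be passed in to query real DNS instead.

```python
import socket

# Constructed tables mirroring the lookups quoted in the post (not live DNS).
PTR = {"202.177.16.121": "202-177-16-121.kdd.net.hk",
       "68.126.43.169": "adsl-68-126-43-169.dsl.pltn13.pacbell.net"}
A = {"adsl-68-126-43-169.dsl.pltn13.pacbell.net": ["68.126.43.169"],
     "aosake.net": ["68.126.43.169"]}
# No forward record for 202-177-16-121.kdd.net.hk: "hostname does not exist".

def table_ptr(ip):
    return PTR.get(ip)

def table_a(name):
    return A.get(name.rstrip(".").lower(), [])

def live_ptr(ip):
    """Reverse lookup through the system resolver."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def live_a(name):
    """Forward lookup through the system resolver."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=table_ptr, a_lookup=table_a):
    """IP -> PTR name -> addresses; confirmed only if the IP comes back."""
    name = ptr_lookup(ip)
    if name is None:
        return ("no-ptr", None)
    addrs = a_lookup(name)
    if not addrs:
        return ("unconfirmed-no-forward", name)  # PTR name does not resolve
    if ip not in addrs:
        return ("mismatch", name)                # PTR name resolves elsewhere
    return ("confirmed", name)

def site_vs_ptr(site, ptr_lookup=table_ptr, a_lookup=table_a):
    """For each address of a site name: FCrDNS status, and whether the
    PTR names the site itself (usually False on dynamic addresses)."""
    out = []
    for ip in a_lookup(site):
        status, name = fcrdns(ip, ptr_lookup, a_lookup)
        out.append((ip, status, name == site))
    return out
```

The 202.177.16.121 case comes back unconfirmed because the ISP's own PTR name has no forward record, while aosake.net shows the ordinary dynamic-DNS pattern: the address is confirmed against the ISP's host name and the PTR never names the site.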