Full Disclosure mailing list archives
RE: Whois acting funny in FreeBSD
From: "Bassett, Mark" <mbassett () omaha com>
Date: Tue, 30 Dec 2003 13:47:01 -0600
One more update ( sorry for the multiple postings.. So looks like whois.godaddy.com whois.gandi.net and whois.itsyourdomain.com are the offenders. Server Name: MSN.COM.TW Registrar: GO DADDY SOFTWARE, INC. Whois Server: whois.godaddy.com Referral URL: http://registrar.godaddy.com Server Name: MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM IP Address: 80.190.192.23 Registrar: GANDI Whois Server: whois.gandi.net Referral URL: http://www.gandi.net Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM IP Address: 80.190.192.24 Registrar: GANDI Whois Server: whois.gandi.net Referral URL: http://www.gandi.net Server Name: GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM IP Address: 209.187.114.130 Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM Whois Server: whois.itsyourdomain.com Referral URL: http://www.itsyourdomain.com Domain Name: GOOGLE.COM Registrar: ALLDOMAINS.COM INC. Whois Server: whois.alldomains.com Referral URL: http://www.alldomains.com Name Server: NS2.GOOGLE.COM Name Server: NS1.GOOGLE.COM Name Server: NS3.GOOGLE.COM Name Server: NS4.GOOGLE.COM Mark Bassett Network Administrator World media company Omaha.com 402-898-2079 -----Original Message----- From: Chris McGinnis [mailto:chrism () t3wireless com] Sent: Tuesday, December 30, 2003 12:43 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Whois acting funny in FreeBSD Today I've noticed something weird on all my FreeBSD boxes. When I whois domains like msn.com, microsoft.com, aol.com and others I get stuff like: $ whois msn.com Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. MSN.COM.TW MSN.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM MSN.COM My linux boxes seem to work fine. When I query a specific whois server such as whois.networksolutions.com it works fine also. Is anyone else getting anything like this? I'm thinking maybe the default whois server that the whois program queries has been compromised? I'm not sure what the default whois server is. -Chris _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ************************************************************ Omaha World-Herald Company computer systems are for business use only. This e-mail was scanned by MailSweeper ************************************************************ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Whois acting funny in FreeBSD Chris McGinnis (Dec 30)
- Re: Whois acting funny in FreeBSD Randal L. Schwartz (Dec 30)
- Re: Whois acting funny in FreeBSD petard (Dec 30)
- Re: Whois acting funny in FreeBSD Rev. Kronovohr (Dec 30)
- <Possible follow-ups>
- RE: Whois acting funny in FreeBSD Bassett, Mark (Dec 30)
- Re: Whois acting funny in FreeBSD Randal L. Schwartz (Dec 30)
- RE: Whois acting funny in FreeBSD Harry Hoffman (Dec 30)
- RE: Whois acting funny in FreeBSD Bassett, Mark (Dec 30)
- RE: Whois acting funny in FreeBSD Bassett, Mark (Dec 30)
- Re: Whois acting funny in FreeBSD Damian Gerow (Dec 30)