Full Disclosure mailing list archives
Re: Possible DNS compromise/poisoning?
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 05 Jan 2005 19:12:43 +0100
Is anyone else seeing this: --SNIP-- ;; QUESTION SECTION: ;www.microsoft.com. IN A ;; ANSWER SECTION: www.microsoft.com. 2415 IN CNAME www.microsoft.com.nsatc.net. --SNIP-- Notice that www.microsoft.com is a cname for www.microsoft.com.nsatc.net. It's not limited to www.microsoft.com and to the best of my knowledge the correct web content is displayed.
AFAIK, this is a side effect because Microsoft uses Savvis' content distribution network. This is by no means a recent change. It's been this way since last June, probably much longer (I haven't got older data). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Possible DNS compromise/poisoning? nicholasnam (Jan 05)
- Re: Possible DNS compromise/poisoning? KF (lists) (Jan 05)
- Re: Possible DNS compromise/poisoning? Florian Weimer (Jan 05)
- RE: Possible DNS compromise/poisoning? ALD, Aditya, Aditya Lalit Deshmukh (Jan 05)
- Re: Possible DNS compromise/poisoning? DanBUK (Jan 06)
- Re: Possible DNS compromise/poisoning? J.A. Terranson (Jan 06)
- Re: Possible DNS compromise/poisoning? Ben McGinnes (Jan 07)
- <Possible follow-ups>
- RE: Possible DNS compromise/poisoning? Madison, Marc (Jan 06)
- RE: Possible DNS compromise/poisoning? nicholasnam (Jan 06)