Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

DNS Poisoning?

From: FSS <fss () itek net au>
Date: Thu, 26 Jul 2001 13:26:29 +0930 (CST)
Hi there,

Long time listener, first time caller.

For some reason our local DNS cache returned this chap when
doing a dig on a small selection of domains:

com.    421     SOA     ns1.hi2000.net. hostmaster.hi2000.net. (
                        20010725        ; serial
                        10800   ; refresh (3 hours)
                        3600    ; retry (1 hour)
                        604800  ; expire (7 days)
                        86400 ) ; minimum (1 day)

A refresh fixed the problem for us.

Doing some digs @ns1.hi2000.net I see it isn't well configured,
also I notice China Chemical Network at http://www.hi2000.net/ .

Has anyone else seen hi2000 mysteriously appear where it shouldn't?

Regards,

FSS.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: