nanog mailing list archives
Re: DNS poisoning at Google?
From: Kevin Day <toasty () dragondata com>
Date: Tue, 26 Jun 2012 23:21:21 -0500
On Jun 26, 2012, at 10:53 PM, Matthew Black wrote:
Google Safe Browsing and Firefox have marked our website as containing malware. They claim our home page returns no results, but redirects users to another compromised website couchtarts.com. We have thoroughly examined our root .htaccess and httpd.conf files and are not redirecting to the problem target site. No recent changes either. We ran some NSLOOKUPs against various public DNS servers and intermittently get results that are NOT our servers. We believe the DNS servers used by Google's crawler have been poisoned. Can anyone shed some light on this?
Not sure if it's related, but yesterday one of my clients (a top 500 alexa site) suddenly had most search results (when googling for things like the site's name) suddenly change to some other shady looking domain that's just sending 302 redirects to the real site. All the same search results are there, but they're now sending everyone to the wrong domain that's just redirecting to the correct place. No idea how Google thought this is correct and I'm totally failing at getting anyone's attention at Google to look into this. This coincided with this message from @google on twitter yesterday: Heads up: we're pushing a new Panda data refresh that noticeably affects only ~1% of queries worldwide. http://twitter.com/google/status/217366321879453696 But i'm not sure that's related either. -- Kevin
Current thread:
- RE: DNS poisoning at Google?, (continued)
- RE: DNS poisoning at Google? Matthew Black (Jun 27)
- Re: DNS poisoning at Google? Bryan Irvine (Jun 27)
- Re: DNS poisoning at Google? Ishmael Rufus (Jun 27)
- RE: DNS poisoning at Google? Ian McDonald (Jun 27)
- Re: DNS poisoning at Google? Michael J Wise (Jun 27)
- Re: DNS poisoning at Google? TR Shaw (Jun 27)
- Re: DNS poisoning at Google? AP NANOG (Jun 27)
- RE: DNS poisoning at Google? Matthew Black (Jun 27)
- Re: DNS poisoning at Google? Bryan Irvine (Jun 27)
- Re: DNS poisoning at Google? Jason Hellenthal (Jun 26)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Daniel Rohan (Jun 27)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Arturo Servin (Jun 27)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Jason Hellenthal (Jun 27)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Ryan Rawdon (Jun 27)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Ryan Rawdon (Jun 27)
- RE: No DNS poisoning at Google (in case of trouble, blame the DNS) Matthew Black (Jun 27)
- RE: No DNS poisoning at Google (in case of trouble, blame the DNS) Matthew Black (Jun 27)
- Re: No DNS poisoning at Google (in case of trouble, blame the DNS) AP NANOG (Jun 27)