nanog mailing list archives
Re: DNS hijack?
From: Stephane Bortzmeyer <bortzmeyer () nic fr>
Date: Thu, 11 Nov 2021 22:40:13 +0100
On Thu, Nov 11, 2021 at 01:28:07PM -0800, Jeff Shultz <jeffshultz () sctcweb com> wrote a message of 105 lines which said:
I hit my registrar, DirectNic, and found I'm good through 2023. They pulled up DNS checker and found that a bunch of DNS servers were showing 208.91.197.132 as the IP for the domain. It's actually in 64.130.197.x . I'm wondering if I was the only one?
No, you're not. Half of the RIPE Atlas probes see the wrong address: % blaeu-resolve -r 100 --type A 2dpnr.org [64.130.197.11] : 59 occurrences [208.91.197.132] : 41 occurrences Test #33310635 done at 2021-11-11T21:38:30Z
Current thread:
- DNS hijack? Jeff Shultz (Nov 11)
- Re: DNS hijack? Jeff Shultz (Nov 11)
- Re: DNS hijack? Stephane Bortzmeyer (Nov 12)
- Re: DNS hijack? Stephane Bortzmeyer (Nov 11)
- Re: DNS hijack? Jeff Shultz (Nov 11)
- Re: DNS hijack? William Herrin (Nov 12)
- Re: DNS hijack? Matthew Petach (Nov 12)
- Re: DNS hijack? Jeff Shultz (Nov 12)
- Re: DNS hijack? Robert L Mathews (Nov 12)
- Re: DNS hijack? Jim (Nov 13)
- Re: DNS hijack? Jeff Shultz (Nov 11)
- Re: DNS hijack? Jeff Shultz (Nov 11)
- Re: DNS hijack? Stephane Bortzmeyer (Nov 12)
- Re: DNS hijack? Jeff Shultz (Nov 12)
- Re: DNS hijack? Jim (Nov 12)