Full Disclosure mailing list archives
RE: windowsupdate.com
From: Joshua Thomas <JThomas () poweronemedia com>
Date: Wed, 13 Aug 2003 17:40:57 -0400
'dig' is your friend: ; <<>> DiG 8.3 <<>> windowsupdate.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; windowsupdate.com, type = A, class = IN ;; ANSWER SECTION: windowsupdate.com. 15M IN A 207.46.134.94 windowsupdate.com. 15M IN A 207.46.134.30 and ; <<>> DiG 8.3 <<>> v3.windowsupdate.microsoft.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4 ;; QUERY SECTION: ;; v3.windowsupdate.microsoft.com, type = A, class = IN ;; ANSWER SECTION: v3.windowsupdate.microsoft.com. 2H IN CNAME v3windowsupdate.microsoft.nsatc.net. v3windowsupdate.microsoft.nsatc.net. 5M IN A 207.46.249.61 ;; AUTHORITY SECTION: nsatc.net. 15h19m43s IN NS m.ns.nsatc.net. nsatc.net. 15h19m43s IN NS a.ns.nsatc.net. nsatc.net. 15h19m43s IN NS us-ga-1.ns.nsatc.net. nsatc.net. 15h19m43s IN NS h.ns.nsatc.net. ;; ADDITIONAL SECTION: m.ns.nsatc.net. 14h4m31s IN A 63.121.106.141 a.ns.nsatc.net. 14h4m31s IN A 206.25.8.69 us-ga-1.ns.nsatc.net. 14h28s IN A 63.150.183.46 h.ns.nsatc.net. 14h28s IN A 63.104.225.171 and ; <<>> DiG 8.3 <<>> v4.windowsupdate.microsoft.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4 ;; QUERY SECTION: ;; v4.windowsupdate.microsoft.com, type = A, class = IN ;; ANSWER SECTION: v4.windowsupdate.microsoft.com. 1h34m17s IN CNAME v4windowsupdate.microsoft.nsatc.net. v4windowsupdate.microsoft.nsatc.net. 1S IN A 207.46.249.157 ;; AUTHORITY SECTION: nsatc.net. 15h19m16s IN NS m.ns.nsatc.net. nsatc.net. 15h19m16s IN NS a.ns.nsatc.net. nsatc.net. 15h19m16s IN NS us-ga-1.ns.nsatc.net. nsatc.net. 15h19m16s IN NS h.ns.nsatc.net. ;; ADDITIONAL SECTION: m.ns.nsatc.net. 14h4m4s IN A 63.121.106.141 a.ns.nsatc.net. 14h4m4s IN A 206.25.8.69 us-ga-1.ns.nsatc.net. 14h1s IN A 63.150.183.46 h.ns.nsatc.net. 14h1s IN A 63.104.225.171 Joshua Thomas Network Operations Engineer PowerOne Media, Inc. tel: 518-687-6143 jthomas () poweronemedia com -----Original Message----- From: Laurent LEVIER [mailto:llevier () argosnet com] Sent: Wednesday, August 13, 2003 2:51 PM To: KF; Andrew Simmons Cc: Andreas Gietl; Rafa³ ^^MA g^^ Kwa½ny; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] windowsupdate.com Guys, When you nslookup windowsupdate.microsoft.com, you get a different response from the DNS (instead of having multiple IP Addresses for this single record). Testing windowsupdate.microsoft.com, then v3.windowsupdate.microsoft.com or v4.windowsupdate.microsoft.com, I got multiple answers: - 207.46.134.29 - 207.46.134.30 - 207.46.134.93 - 207.46.134.94 - 207.46.249.61 - 65.54.249.61 - 65.54.249.254 As you can see, all these are located in 3 C classes. Brgrds Laurent LEVIER IT Systems & Networks Security Expert _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- windowsupdate.com Rafa³ ^^MAg^^ Kwaœny (Aug 13)
- Re: windowsupdate.com Andreas Gietl (Aug 13)
- Re: windowsupdate.com Andrew Simmons (Aug 13)
- Re: windowsupdate.com KF (Aug 13)
- Re: windowsupdate.com Laurent LEVIER (Aug 13)
- Re: windowsupdate.com Andrew Simmons (Aug 13)
- Re: windowsupdate.com Andreas Gietl (Aug 13)
- Re: windowsupdate.com Kryptos (Aug 13)
- <Possible follow-ups>
- RE: windowsupdate.com David Vincent (Aug 13)
- RE: windowsupdate.com Turk, Anthony (Aug 13)
- Re: windowsupdate.com Felipe Scuciatto dos Santos (Aug 13)
- RE: windowsupdate.com Joshua Thomas (Aug 13)