Security Incidents mailing list archives
RE: Superkay.com:888
From: "Dave Hart" <davehart () davehart com>
Date: Wed, 19 Sep 2001 02:58:01 -0000
I'll bet your DNS server is the root of that problem. See what IP(s) www.cnn.com or www.oracle.com resolves to on a machine that sees this problem. I'll bet it's not what it resolves to on a machine without the problem. If your DNS server is NT or Windows 2000 see http://www.cert.org/incident_notes/IN-2001-11.html FYI here's what they resolve to for me (and I don't get redirected to superkay): Name: bigip-www.us.oracle.com Address: 148.87.9.44 Aliases: www.oracle.com Name: cnn.com Addresses: 207.25.71.27, 207.25.71.29, 64.12.50.153, 64.12.50.249 64.12.48.217, 64.12.48.249, 64.12.50.121, 207.25.71.5, 64.12.50.217 207.25.71.25 Aliases: www.cnn.com Dave Hart ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Superkay.com:888 Richard Bradford (Sep 18)
- Re: Superkay.com:888 sanghun (Sep 18)
- <Possible follow-ups>
- RE: Superkay.com:888 Dave Hart (Sep 18)