nanog mailing list archives

Re: the Intercage mess

From: "Paul Ferguson" <fergdawgster () gmail com>
Date: Wed, 24 Sep 2008 23:46:08 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Sep 24, 2008 at 10:45 PM, Paul Ferguson <fergdawgster () gmail com>
wrote:

Why is Intercage hosting Cernel.net?

cernel.net -A-> 69.50.176.227

AS      | IP               | AS Name
27595   | 69.50.176.227    | INTERCAGE - InterCage, Inc.

I guess this was just a mistake, right?

Oh, and of course, Cernel.net was registered with... wait for it...
Estdoamins.

And this was very recent.

Go figure.


A bit more:

A glance at DNS relationships between Intercage, Cernel, and Rove
Digital are apparent when digging around on DNS dependencies -- lookup
cernel.net at the BFK DNSLogger:

http://www.bfk.de/bfk_dnslogger.html

ns2.protectdetails.com   A      69.50.176.229
ns1.esthost.com  A      69.50.176.229
ens1.esthost.com         A      69.50.176.229
ns2.esthost.com  A      69.50.176.229
ns2.cernel.net   A      69.50.176.229

AS      | IP               | AS Name
27595   | 69.50.176.229    | INTERCAGE - InterCage, Inc.



Oops. I forgot to add:

ns2.spb-traffic.com      A      69.50.176.227
ns2.site-people.com      A      69.50.176.227
ns2.estsecure.com        A      69.50.176.227
rovedigital.com  A      69.50.176.227
ns2.rovedigital.com      A      69.50.176.227
ans2.rovedigital.com     A      69.50.176.227
dev.rovedigital.com      A      69.50.176.227
ns2.mega-all.com         A      69.50.176.227
ns2.cernel.net   A      69.50.176.227
alpha.cernel.net         A      69.50.176.227
beta.cernel.net  A      69.50.176.227


Just in case anyone needs a refresher on Rove Digital:

http://voices.washingtonpost.com/securityfix/2008/09/estdomains_a_sordid_hi
story_an.html

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFI2zOrq1pz9mNUZTMRAmjeAKDrsXVJuhk1Um8/92cjg51xDUrXOACeJlC0
7rhjnPNtWrPNPEFR+vG4i+k=
=SMP+
-----END PGP SIGNATURE-----

-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

Current thread:

Re: the Intercage mess, (continued)
- - - Re: the Intercage mess William Pitcock (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - RE: the Intercage mess Blake Pfankuch (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the NANOG mess Randy Bush (Sep 24)
    - RE: the NANOG mess MARTENS, SUSAN, ATTOPS (Sep 25)
    - RE: the NANOG mess MARTENS, SUSAN, ATTOPS (Sep 25)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the Intercage mess William Pitcock (Sep 24)
    - Re: the Intercage mess Paul Ferguson (Sep 24)
    - Re: the Intercage mess Rich Kulawiec (Sep 25)
    - Re: the Intercage mess Laurence F. Sheldon, Jr. (Sep 25)
    - RE: the Intercage mess Frank Bulk (Sep 27)
    - Re: the Intercage mess Stephen Sprunk (Sep 24)
    - obvious intent (Re: the Intercage mess) Paul Vixie (Sep 24)
    - Re: obvious intent (Re: the Intercage mess) Paul Bennett (Sep 25)
    - RE: the Intercage mess James Ashton (Sep 25)
    - Re: the Intercage mess Eric Brunner-Williams (Sep 24)

(Thread continues...)