Re: DNS poisoning at Google?

[Sadiq Saif <sadiq () asininetech com>]

DNS seems to check out from here. Tested against Google DNS, OpenDNS
and Linode's DNS servers.

According to Google:
"Malicious software is hosted on 1 domain(s), including couchtarts.com/."

Normally, I would say this happens due to malicious ads loaded but
this does not seem to be a site that will contain ads. :)

On Wed, Jun 27, 2012 at 12:12 AM, Ishmael Rufus <sakamura () gmail com> wrote:
> I am also getting the same issue when accessing his website.
>
> On Tue, Jun 26, 2012 at 11:07 PM, Landon Stewart <lstewart () superb net>wrote:
>
> > Is it possible that some malicious software is listening and injecting a
> > redirect on the wire?  We've seen this before with a Windows machine being
> > infected.
> >
> > On 26 June 2012 20:53, Matthew Black <Matthew.Black () csulb edu> wrote:
> >
> > > Google Safe Browsing and Firefox have marked our website as containing
> > > malware. They claim our home page returns no results, but redirects users
> > > to another compromised website couchtarts.com.
> > >
> > > We have thoroughly examined our root .htaccess and httpd.conf files and
> > > are not redirecting to the problem target site. No recent changes either.
> > >
> > > We ran some NSLOOKUPs against various public DNS servers and
> > > intermittently get results that are NOT our servers.
> > >
> > > We believe the DNS servers used by Google's crawler have been poisoned.
> > >
> > > Can anyone shed some light on this?
> > >
> > > matthew black
> > > information technology services
> > > california state university, long beach
> > > www.csulb.edu<http://www.csulb.edu>
> >
> >
> > --
> > Landon Stewart <LStewart () Superb Net>
> > Sr. Administrator
> > Systems Engineering
> > Superb Internet Corp - 888-354-6128 x 4199
> > Web hosting and more "Ahead of the Rest": http://www.superbhosting.net



-- 
Sadiq S
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org