Fidelity Domain Hijack?
Brad Knowles
brad.knowles at skynet.be
Wed Jun 27 05:13:12 UTC 2001
At 7:09 PM -0500 6/26/01, asenec at senechalle.net wrote:
> I can't help but think that this problem is somehow
> related to a URL which has been showing up in various
> access logs on our servers:
>
>> 61.142.242.124 unknown - [16/Jun/2001:17:49:34 +0200] "GET
>> http://www.teenagerbitch.com/ HTTP/1.1" 200 9051 "-" "Mozilla/4.0
>> (compatible; MSIE 4.01; Windows NT)"
For this host/domain name, I get back that it is an alias
pointing to the Canonical NAME (CNAME) of "a1.orionent.com", which
has an IP address of 216.5.39.207. I haven't been able to get back
anything else on it, however.
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list