|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Possible DNS compromise/poisoning?
From: Florian Weimer (fw
deneb.enyo.de)
Date: Wed Jan 05 2005 - 12:12:43 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Is anyone else seeing this:
>
> --SNIP--
> ;; QUESTION SECTION:
> ;www.microsoft.com. IN A
>
> ;; ANSWER SECTION:
> www.microsoft.com. 2415 IN CNAME
> www.microsoft.com.nsatc.net.
> --SNIP--
>
> Notice that www.microsoft.com is a cname for
> www.microsoft.com.nsatc.net. It's not limited to www.microsoft.com
> and to the best of my knowledge the correct web content is
> displayed.
AFAIK, this is a side effect because Microsoft uses Savvis' content
distribution network.
This is by no means a recent change. It's been this way since last
June, probably much longer (I haven't got older data).
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]