OT DNS/routing question
Marcin Jessa
lists at yazzy.org
Sat Mar 12 09:19:32 PST 2005
They just set the A record to 127.0.0.2
What's so weird about it?
You can also do some neat tricks with IPv6 too:
host barkas.energyhq.es.eu.org
barkas.energyhq.es.eu.org has address 255.255.255.255
barkas.energyhq.es.eu.org has IPv6 address 2001:470:1f01:198::5
On Sat, 12 Mar 2005 07:23:52 -0800
walt <wa1ter at xxxxxxxxxxxxx> wrote:
> Like my last DNS question, this one was raised by a phishing
> email asking me to click on this URL:
> http://wamu.securesite.cn/.process-sk/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=
>
> Now, this is my puzzle:
>
> #host wamu.securesite.cn
> wamu.securesite.cn has address 127.0.0.2
>
> My first thought was that my local DNS server is misconfigured, so I
> tried using the nameserver for securesite.cn and got the same answer.
>
> #dig @ns2.afraid.org wamu.securesite.cn
>
> ; <<>> DiG 9.2.3 <<>> @ns2.afraid.org wamu.securesite.cn
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12484
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 4
>
> ;; QUESTION SECTION:
> ;wamu.securesite.cn. IN A
>
> ;; ANSWER SECTION:
> wamu.securesite.cn. 43200 IN A 127.0.0.2
>
> Do you see why I'm confused? Are they doing something *really*
> sneaky here, or am I using the DNS tools incorrectly?
>
--
Regards,
M. Jessa
http://www.yazzy.org
More information about the Users
mailing list