[PLUG] DNS mystery...
plug_0 at robinson-west.com
Wed Apr 11 01:09:43 UTC 2007
The mail server for sophistasis.com is supposed to be the backup exchanger
for robinson-west.com. Apparently, my brother got a message meant for me
and should have been able to check my name server for my server's address,
but he got the IP for sophistasis instead.
Okay, what happened I wonder???
/-------------\                  /--------\
| sophistasis |-----Internet-----| xerxes |
\-------------/                  \--------/
* Did a spammer send the message and simultaneously manage to
  poison the DNS server on web?
* Is a renegade gateway responsible, possibly inside Opus?
* Is there a weakness in the iBook my brother isn't aware
  of which allows a remote site to change DNS response
  packets?
I've noticed that I can't get register.com to accept ns1.sophistasis.com
as a valid name server for robinson-west.com. I don't know why that
is. I remember a DNS test suggested that Opus is running a vulnerable
release of BIND where I am using Opus's servers as a tertiary option.
Oddly and irritatingly, the register.com domain tools show the Opus
server as the first server in my DNS list.
Michael C. Robinson