DNS hacked
George Toft
plug-discuss@lists.plug.phoenix.az.us
Thu, 18 Apr 2002 20:41:35 -0400
Looks like Granite Canyon was hacked today. A coworker went to
his web site this morning and noticed it had suddenly become a
porn site. He uses GC for DNS. The evidence:
At 12:00pm today:
H:\>nslookup irvingtech.com
Server: dc201dir01
Address: 10.6.34.92
Non-authoritative answer:
Name: irvingtech.com
Address: 64.128.184.145
H:\>nslookup www.irvingtech.com
Server: dc201dir01
Address: 10.6.34.92
Non-authoritative answer:
Name: www.irvingtech.com
Address: 66.34.137.1
Yet at 5pm:
H:\>nslookup irvingtech.com
Server: dc201dir01
Address: 10.6.34.92
Non-authoritative answer:
Name: irvingtech.com
Address: 64.128.184.145
H:\>nslookup www.irvingtech.com
Server: dc201dir01
Address: 10.6.34.92
Non-authoritative answer:
Name: irvingtech.com
Address: 64.128.184.145
Aliases: www.irvingtech.com
Now it's back to normal with no action on his part. Has anyone
heard about any problems over at GC?
George