DNS Poisoning?

From: FSS (fssat_private)
Date: Wed Jul 25 2001 - 20:56:29 PDT

  • Next message: Chris Hobbs: "MISC Large ICMP Packet"

    Hi there,
    
    Long time listener, first time caller.
    
    For some reason our local DNS cache returned this chap when
    doing a dig on a small selection of domains:
    
    com.    421     SOA     ns1.hi2000.net. hostmaster.hi2000.net. (
                            20010725        ; serial
                            10800   ; refresh (3 hours)
                            3600    ; retry (1 hour)
                            604800  ; expire (7 days)
                            86400 ) ; minimum (1 day)
    
    A refresh fixed the problem for us.
    
    Doing some digs @ns1.hi2000.net I see it isn't well configured,
    also I notice China Chemical Network at http://www.hi2000.net/ .
    
    Has anyone else seen hi2000 mysteriously appear where it shouldn't?
    
    Regards,
    
    FSS.
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 09:08:46 PDT