[ale] fetchmail site weirdness

Jonathan Rickman jonathan at xcorps.net
Tue Feb 11 10:42:17 EST 2003


On Tue, 11 Feb 2003, Jason Day wrote:

> My vote is the latter:
>
> jday:jday$ telnet tuxedo.org 80
> Trying 66.92.236.83...
> Connected to dsl092-236-083.phl1.dsl.speakeasy.net.
> Escape character is '^]'.
>
>
> I find it hard to believe that the tuxedo.org domain is really a
> speakeasy DSL account.

Unless it was a DNS attack, it apparently is...

jonathan at abacus:~$ dig www.tuxedo.org

; <<>> DiG 9.1.2 <<>> www.tuxedo.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26223
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;www.tuxedo.org.                        IN      A

;; ANSWER SECTION:
www.tuxedo.org.         24742   IN      CNAME   tuxedo.org.
tuxedo.org.             34133   IN      A       66.92.236.83

;; AUTHORITY SECTION:
tuxedo.org.             34133   IN      NS      ns1.everydns.net.
tuxedo.org.             34133   IN      NS      ns2.everydns.net.
tuxedo.org.             34133   IN      NS      ns3.everydns.net.
tuxedo.org.             34133   IN      NS      ns4.everydns.net.

;; ADDITIONAL SECTION:
ns1.everydns.net.       17992   IN      A       209.75.39.141
ns2.everydns.net.       17992   IN      A       12.25.235.42
ns3.everydns.net.       17946   IN      A       193.109.122.204
ns4.everydns.net.       117414  IN      A       12.25.235.41

;; Query time: 493 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb 11 10:37:23 2003
;; MSG SIZE  rcvd: 210

jonathan at abacus:~$ whois 66.92.236.83
Speakeasy Network SPEAKEASY-5 (NET-66-92-0-0-1)
                                  66.92.0.0 - 66.93.255.255
PHL BRIDGED CIRCUITS SPEK-PHL-BR-2 (NET-66-92-236-1-1)
                                  66.92.236.1 - 66.92.236.255

# ARIN WHOIS database, last updated 2003-02-10 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
jonathan at abacus:~$


Come to think of it, why not? Bandwidth is bandwidth.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale






More information about the Ale mailing list