[Dshield] Odd traceroute, I *think* I know what's going on, but not sure.
Jon.Kibler at aset.com
Wed Oct 8 19:55:04 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Brenden Walker wrote:
> New thought on the subject.
> Could this be someone thinking it's a good idea? I know that on most of my machines I have a hosts files with a lot of bad servers mapping to 127.0.0.1 so that nothing can get to doubleclick.net for example.
> Is it possible that someone thought they could do something similar to a DNS? Obviously this is bass-ackwards, not going to do the same thing at all.
> Just a crazy thought.
Could just be someone being lazy and using a wildcard (or BIND
$GENERATE) to assign the name localhost to all IPs in a block.
I don't see how this can be anything malicious. It am sure it is just
some name server admin being lazy.
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the Dshield