[Dshield] Odd traceroute, I *think* I know what's going on, but not sure.

Jon Kibler Jon.Kibler at aset.com
Wed Oct 8 19:55:04 GMT 2008

Hash: SHA1

Brenden Walker wrote:
> New thought on the subject.
> Could this be someone thinking it's a good idea?  I know that on most of my machines I have a hosts files with a lot of bad servers mapping to so that nothing can get to doubleclick.net for example.
> Is it possible that someone thought they could do something similar to a DNS?  Obviously this is bass-ackwards, not going to do the same thing at all.
> Just a crazy thought.

Could just be someone being lazy and using a wildcard (or BIND
$GENERATE) to assign the name localhost to all IPs in a block.

I don't see how this can be anything malicious. It am sure it is just
some name server admin being lazy.

Jon K
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253

Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the Dshield mailing list