[lug] Suspicious: "host"/"DNS" Showing Odd Results (Fedora)

Bear Giles bgiles at coyotesong.com
Mon Sep 3 15:30:46 MDT 2018


Could your router be compromised? There's some malware that redirects DNS
to point to its own servers. Possible uses are MITM attacks, capturing
clicks (they resolve the click farms(?) to point to their own click farms),
etc.

I don't remember both Comcast servers (I inserted my own Pi-hole to block
ads so I only kept one, as fallback) but I'm pretty sure one is
75.75.76.76. They certainly shouldn't be reverse-resolving to a non-Comcast
hostname.

On Mon, Sep 3, 2018 at 3:15 PM Zan Lynx <zlynx at acm.org> wrote:

> On 9/3/2018 3:10 PM, stimits at comcast.net wrote:
> > Is there something equivalent to a verbose trace of the "host" command
> > to see more details?
>
> Try dig. It does everything DNS.
>
>      dig +trace -x 69.252.80.75
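The check discussed in this thread (do the configured resolvers reverse-resolve to a hostname in the ISP's domain?) can be scripted. The following is an added example, not part of the original messages; the function names are hypothetical and the expected suffix `comcast.net` is an assumption taken from the discussion.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Function names are hypothetical.
# Assumption: the ISP's resolvers reverse-resolve under comcast.net.
EXPECTED_SUFFIX="${EXPECTED_SUFFIX:-comcast.net}"

# Print the nameserver addresses from a resolv.conf-style file.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}"
}

# Succeed only if PTR name $1 equals domain $2 or is a subdomain of it.
# Case-insensitive; a trailing root dot is ignored. A bare substring
# match would accept look-alikes such as "evilcomcast.net".
ptr_in_domain() {
    local name suffix
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z'); name=${name%.}
    suffix=$(printf '%s' "$2" | tr 'A-Z' 'a-z'); suffix=${suffix%.}
    case "$name" in
        "$suffix" | *."$suffix") return 0 ;;
        *) return 1 ;;
    esac
}

# Classify one resolver address from its PTR answer (empty = no record).
classify() {
    if [ -z "$2" ]; then
        echo "$1 NO-PTR"
    elif ptr_in_domain "$2" "$EXPECTED_SUFFIX"; then
        echo "$1 OK $2"
    else
        echo "$1 SUSPICIOUS $2"
    fi
}

# Live check: $1 = resolv.conf path, $2 = resolver to ask for the PTR.
# Ask a resolver other than the ones under test, since a hijacked
# resolver can also lie about its own reverse record.
check_live() {
    local ip ptr
    for ip in $(list_nameservers "$1"); do
        ptr=$(dig +short -x "$ip" "@$2" | head -n 1)
        classify "$ip" "$ptr"
    done
}
```

After sourcing the file, `check_live /etc/resolv.conf <trusted-resolver-ip>` prints one line per configured nameserver. A PTR name is set by whoever controls the reverse zone for that address, so an OK result is a hint rather than proof, while a SUSPICIOUS or NO-PTR result is a reason to inspect the router's DNS settings.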