Earthlink Contact - DNS cache poisoning

• Previous message (by thread): Strange static route
• Next message (by thread): Earthlink Contact - DNS cache poisoning
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Anyone out there in Earthlink land? I am seeing what looks to be a cache poisoning attack on ns1.mindspring.com.

Sporadic of course so it takes a few queries to replicate. 

will$ dig www.google.com @207.69.188.185

; <<>> DiG 9.7.3 <<>> www.google.com @207.69.188.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26196
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         60      IN      A       64.27.117.179
www.google.com.         60      IN      A       69.25.212.24

;; AUTHORITY SECTION:
www.google.com.         65535   IN      NS      WSC2.JOMAX.NET.
www.google.com.         65535   IN      NS      WSC1.JOMAX.NET.

;; Query time: 88 msec
;; SERVER: 207.69.188.185#53(207.69.188.185)
;; WHEN: Sat Sep 24 20:25:40 2011
;; MSG SIZE  rcvd: 120


- Will

• Previous message (by thread): Strange static route
• Next message (by thread): Earthlink Contact - DNS cache poisoning
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]