DNS poisoning at Google?
Sadiq Saif
sadiq at asininetech.com
Wed Jun 27 04:15:43 UTC 2012
DNS seems to check out from here. Tested against Google DNS, OpenDNS
and Linode's DNS servers.
According to Google:
"Malicious software is hosted on 1 domain(s), including couchtarts.com/."
Normally, I would say this happens due to malicious ads loaded but
this does not seem to be a site that will contain ads. :)
On Wed, Jun 27, 2012 at 12:12 AM, Ishmael Rufus <sakamura at gmail.com> wrote:
> I am also getting the same issue when accessing his website.
>
> On Tue, Jun 26, 2012 at 11:07 PM, Landon Stewart <lstewart at superb.net>wrote:
>
>> Is it possible that some malicious software is listening and injecting a
>> redirect on the wire? We've seen this before with a Windows machine being
>> infected.
>>
>> On 26 June 2012 20:53, Matthew Black <Matthew.Black at csulb.edu> wrote:
>>
>> > Google Safe Browsing and Firefox have marked our website as containing
>> > malware. They claim our home page returns no results, but redirects users
>> > to another compromised website couchtarts.com.
>> >
>> > We have thoroughly examined our root .htaccess and httpd.conf files and
>> > are not redirecting to the problem target site. No recent changes either.
>> >
>> > We ran some NSLOOKUPs against various public DNS servers and
>> > intermittently get results that are NOT our servers.
>> >
>> > We believe the DNS servers used by Google's crawler have been poisoned.
>> >
>> > Can anyone shed some light on this?
>> >
>> > matthew black
>> > information technology services
>> > california state university, long beach
>> > www.csulb.edu<http://www.csulb.edu>
>> >
>> >
>>
>>
>> --
>> Landon Stewart <LStewart at Superb.Net>
>> Sr. Administrator
>> Systems Engineering
>> Superb Internet Corp - 888-354-6128 x 4199
>> Web hosting and more "Ahead of the Rest": http://www.superbhosting.net
>>
--
Sadiq S
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
More information about the NANOG
mailing list