DNS poisoning at Google?
David Hubbard
dhubbard at dino.hostasaurus.com
Wed Jun 27 05:13:34 UTC 2012
Well as Jeremy pointed out, your site is issuing
redirects, he gave you the command to show it:
curl -e 'http://google.com' csulb.edu
So if you're sure your server(s) haven't been hacked,
your application appears to have been hacked. It only
issues the redirect if the visitor comes in from a
google search.
> -----Original Message-----
> From: Matthew Black [mailto:Matthew.Black at csulb.edu]
> Sent: Wednesday, June 27, 2012 1:03 AM
> To: Michael J Wise
> Cc: nanog at nanog.org
> Subject: RE: DNS poisoning at Google?
>
> Q:have you consulted the logs?
>
> Seriously? Our servers have multiple log files due to
> multiple virtual hosts. Our primary domain log file on just
> one server has over 600,000 records x 3 servers.
>
> Probably over 100,000 304 redirects in our logs.
>
> couchtarts.com does not appear in our log files.
>
>
> matthew black
> information technology services
> california state university, long beach
>
> -----Original Message-----
> From: Michael J Wise [mailto:mjwise at kapu.net]
> Sent: Tuesday, June 26, 2012 9:56 PM
> To: Matthew Black
> Cc: nanog at nanog.org
> Subject: Re: DNS poisoning at Google?
>
>
> On Jun 26, 2012, at 9:35 PM, Matthew Black wrote:
>
> > Yes, we've used the Google Webmaster Tools a lot today.
> Submitted multiple requests and they keep insisting that our
> site issues a redirect. Unable to duplicate the problem here.
>
> ... have you consulted the logs?
> If the redirect is there, it ... 1) might not be from the
> home page, and 2) could be in ... user content?
>
> awk '{if ($9 ~ /304/) { print $0 }}' access_log.
> ... or some such.
> Granted, might be a storm of " " -> index.html redirects, but
> they should be grep -v 'able in short order.
> You might also look for the rDNS of the Google spider to see
> exactly where it is looking, and what it sees.
>
> Aloha,
> Michael.
> --
> "Please have your Internet License
> and Usenet Registration handy..."
>
>
>
>
>
>
More information about the NANOG
mailing list