It's worse than I thought. It also appears to be hijacking subdomains of valid domains. I'm switching to using an off-net DNS server for now. This is very disturbing.
Rich $ dig bleepblop.google.com ; <<>> DiG 9.4.1 <<>> bleepblop.google.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56987 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;bleepblop.google.com. IN A ;; ANSWER SECTION: bleepblop.google.com. 60 IN A 8.15.7.102 bleepblop.google.com. 60 IN A 63.251.179.28 ;; AUTHORITY SECTION: bleepblop.google.com. 65535 IN NS WSC2.JOMAX.NET. bleepblop.google.com. 65535 IN NS WSC1.JOMAX.NET. ;; ADDITIONAL SECTION: WSC2.JOMAX.NET. 92600 IN A 208.109.255.1 WSC1.JOMAX.NET. 92600 IN A 216.69.185.1 ;; Query time: 35 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Sep 30 13:15:27 2008 ;; MSG SIZE rcvd: 149 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~----------~----~----~----~------~----~------~--~---
