[154134] in North American Network Operators' Group
DNS poisoning at Google?
daemon@ATHENA.MIT.EDU (Matthew Black)
Tue Jun 26 23:53:49 2012
From: Matthew Black <Matthew.Black@csulb.edu>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Wed, 27 Jun 2012 03:53:17 +0000
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Google Safe Browsing and Firefox have marked our website as containing malw=
are. They claim our home page returns no results, but redirects users to an=
other compromised website couchtarts.com.
We have thoroughly examined our root .htaccess and httpd.conf files and are=
not redirecting to the problem target site. No recent changes either.
We ran some NSLOOKUPs against various public DNS servers and intermittently=
get results that are NOT our servers.
We believe the DNS servers used by Google's crawler have been poisoned.
Can anyone shed some light on this?
matthew black
information technology services
california state university, long beach
www.csulb.edu<http://www.csulb.edu>
