[154136] in North American Network Operators' Group
Re: DNS poisoning at Google?
daemon@ATHENA.MIT.EDU (Sadiq Saif)
Wed Jun 27 00:05:53 2012
In-Reply-To: <ED78B1C68B84A14FA706D13A230D7B431954DB1B@ITS-MAIL01.campus.ad.csulb.edu>
From: Sadiq Saif <sadiq@asininetech.com>
Date: Wed, 27 Jun 2012 00:04:58 -0400
To: Matthew Black <Matthew.Black@csulb.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Accidentally sent that to Matthew only,
mind sharing the domain name?
On Tue, Jun 26, 2012 at 11:53 PM, Matthew Black <Matthew.Black@csulb.edu> wrote:
> Google Safe Browsing and Firefox have marked our website as containing malware. They claim our home page returns no results, but redirects users to another compromised website couchtarts.com.
>
> We have thoroughly examined our root .htaccess and httpd.conf files and are not redirecting to the problem target site. No recent changes either.
>
> We ran some NSLOOKUPs against various public DNS servers and intermittently get results that are NOT our servers.
>
> We believe the DNS servers used by Google's crawler have been poisoned.
>
> Can anyone shed some light on this?
>
> matthew black
> information technology services
> california state university, long beach
> www.csulb.edu<http://www.csulb.edu>
>
--
Sadiq S
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
