@bortzmeyer
Last active December 20, 2016 08:56
google.com.bd fixed in the registry but hijacking still in caches

The hijacking was stopped around 0710 UTC, but of course resolver caches still return the hijacker's NS RRset, as seen by RIPE Atlas probes in Bangladesh and in a neighbouring country, India:

% atlas-resolve -r 500 -c BD -t NS google.com.bd
Warning, probe 4776 never got reply from any resolver
[ns1.google.com. ns2.google.com. ns3.google.com. ns4.google.com.] : 9 occurrences 
[TIMEOUT(S)] : 1 occurrences 
[ns601.dnsserverboot.com. ns602.dnsserverboot.com.] : 5 occurrences 
Test #6970468 done at 2016-12-20T08:39:59Z

% atlas-resolve -r 500 -c IN -t NS google.com.bd
[ns1.google.com. ns2.google.com. ns3.google.com. ns4.google.com.] : 19 occurrences 
[ns1.phpvibe.net. ns2.phpvibe.net.] : 4 occurrences 
[ns601.dnsserverboot.com. ns602.dnsserverboot.com.] : 8 occurrences 
Test #6970476 done at 2016-12-20T08:40:10Z
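
Added example, not part of the original gist: a small Python parser for the atlas-resolve summary lines above that tallies how many probes still receive an NS set other than the expected one. The expected set (ns1 to ns4.google.com) and the rule that bracketed tokens without a trailing dot are non-answers are assumptions; the sample is copied from the Bangladesh run above.

```python
import re

# Assumption: the majority answer on this page is the legitimate delegation.
EXPECTED_NS = frozenset(f"ns{i}.google.com." for i in range(1, 5))

# Sample copied from the Bangladesh run shown above.
SAMPLE_BD = """\
Warning, probe 4776 never got reply from any resolver
[ns1.google.com. ns2.google.com. ns3.google.com. ns4.google.com.] : 9 occurrences
[TIMEOUT(S)] : 1 occurrences
[ns601.dnsserverboot.com. ns602.dnsserverboot.com.] : 5 occurrences
Test #6970468 done at 2016-12-20T08:39:59Z
"""

RESULT_LINE = re.compile(r"^\[(?P<rrset>[^\]]*)\]\s*:\s*(?P<count>\d+) occurrences?\s*$")

def parse_results(text):
    """Return [(frozenset_of_tokens, count)] for every '[...] : N occurrences' line."""
    results = []
    for line in text.splitlines():
        m = RESULT_LINE.match(line.strip())
        if m:
            tokens = frozenset(t.lower() for t in m.group("rrset").split())
            results.append((tokens, int(m.group("count"))))
    return results

def summarize(text, expected=EXPECTED_NS):
    """Split answers into expected, failed (no usable answer) and unexpected NS sets."""
    summary = {"expected": 0, "failed": 0, "unexpected": {}}
    for tokens, count in parse_results(text):
        # Assumption: a token without a trailing dot (e.g. TIMEOUT(S)) is a status, not a name.
        if not tokens or not all(t.endswith(".") for t in tokens):
            summary["failed"] += count
        elif tokens == expected:
            summary["expected"] += count
        else:
            key = tuple(sorted(tokens))
            summary["unexpected"][key] = summary["unexpected"].get(key, 0) + count
    return summary

def stale_ratio(summary):
    """Fraction of answering resolvers that returned an NS set other than the expected one."""
    bad = sum(summary["unexpected"].values())
    answered = summary["expected"] + bad
    return bad / answered if answered else 0.0

if __name__ == "__main__":
    s = summarize(SAMPLE_BD)
    print(s, f"stale ratio: {stale_ratio(s):.2f}")
```

Re-running the measurement and feeding each output to `summarize` shows the ratio falling as the cached NS RRset expires.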