[LACNIC/Seguridad] Ejemplo de ataque a un registro "Whois"? (el registro de microsoft.com)
Nicolas Antoniello
nantoniello en gmail.com
Vie Jun 17 13:38:31 BRT 2011
Estimados,
Buscando el registro de microsoft.com en la base whois, desde un cliente
whois de Ubuntu, obtenemos la sigueinte respuesta... a ver que les parece?
root en nyquist:~# whois microsoft.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name:
MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
IP Address: 209.126.190.70
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A
PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Server Name:
MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZ.IM.ELITE.WANNABE.TOO.WWW.PLUS613.NET
IP Address: 64.251.18.228
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.ZZZZZZ.MORE.DETAILS.AT.WWW.BEYONDWHOIS.COM
IP Address: 203.36.226.2
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
IP Address: 69.41.185.194
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.ZZZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
IP Address: 217.107.217.167
Registrar: DOMAINCONTEXT, INC.
Whois Server: whois.domaincontext.com
Referral URL: http://www.domaincontext.com
Server Name: MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
IP Address: 207.44.240.96
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name:
MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BLUE.VEINED.SPANNER.NET
IP Address: 216.127.80.46
Registrar: ASCIO TECHNOLOGIES, INC.
Whois Server: whois.ascio.com
Referral URL: http://www.ascio.com
Server Name: MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
IP Address: 216.127.80.46
Registrar: ASCIO TECHNOLOGIES, INC.
Whois Server: whois.ascio.com
Referral URL: http://www.ascio.com
Server Name: MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
IP Address: 80.190.192.33
Registrar: EPAG DOMAINSERVICES GMBH
Whois Server: whois.enterprice.net
Referral URL: http://www.enterprice.net
Server Name: MICROSOFT.COM.TOTALLY.SUCKS.S3U.NET
IP Address: 207.208.13.22
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: MICROSOFT.COM.SOFTWARE.IS.NOT.USED.AT.REG.RU
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Server Name: MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.COM
IP Address: 65.160.248.13
Registrar: GKG.NET, INC.
Whois Server: whois.gkg.net
Referral URL: http://www.gkg.net
Server Name: MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.OHMYGODITBURNS.COM
IP Address: 216.158.63.6
Registrar: DOTSTER, INC.
Whois Server: whois.dotster.com
Referral URL: http://www.dotster.com
Server Name: MICROSOFT.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
IP Address: 203.36.226.2
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.MATCHES.THIS.STRING.AT.KEYSIGNERS.COM
IP Address: 85.10.240.254
Registrar: HETZNER ONLINE AG
Whois Server: whois.your-server.de
Referral URL: http://www.hetzner.de
Server Name: MICROSOFT.COM.MAKES.RICKARD.DRINK.SAMBUCA.0800CARRENTAL.COM
IP Address: 209.85.135.106
Registrar: KEY-SYSTEMS GMBH
Whois Server: whois.rrpproxy.net
Referral URL: http://www.key-systems.net
Server Name: MICROSOFT.COM.LOVES.ME.KOSMAL.NET
IP Address: 65.75.198.123
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Server Name: MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM
IP Address: 216.40.250.172
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: MICROSOFT.COM.IS.NOT.YEPPA.ORG
Registrar: OVH
Whois Server: whois.ovh.com
Referral URL: http://www.ovh.com
Server Name: MICROSOFT.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
IP Address: 217.148.161.5
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: MICROSOFT.COM.IS.IN.BED.WITH.CURTYV.COM
IP Address: 216.55.187.193
Registrar: ABACUS AMERICA, INC.
Whois Server: whois.names4ever.com
Referral URL: http://www.names4ever.com / srs.register.com
Server Name: MICROSOFT.COM.IS.HOSTED.ON.PROFITHOSTING.NET
IP Address: 66.49.213.213
Registrar: NAME.COM LLC
Whois Server: whois.name.com
Referral URL: http://www.name.com
Server Name: MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSHIT.NET
IP Address: 63.99.165.11
Registrar: 1 & 1 INTERNET AG
Whois Server: whois.schlund.info
Referral URL: http://REGISTRAR.SCHLUND.INFO
Server Name: MICROSOFT.COM.IS.A.MESS.TIMPORTER.CO.UK
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Server Name: MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISSILES.COM
IP Address: 66.154.11.27
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name: MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
IP Address: 130.58.82.232
Registrar: CPS-DATENSYSTEME GMBH
Whois Server: whois.cps-datensysteme.de
Referral URL: http://www.cps-datensysteme.de
Server Name: MICROSOFT.COM.CAN.GO.FUCK.ITSELF.AT.SECZY.COM
IP Address: 209.187.114.147
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Server Name:
MICROSOFT.COM.ARE.GODDAMN.PIGFUCKERS.NET.NS-NOT-IN-SERVICE.COM
IP Address: 216.127.80.46
Registrar: TUCOWS.COM CO.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Domain Name: MICROSOFT.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: NS1.MSFT.NET
Name Server: NS2.MSFT.NET
Name Server: NS3.MSFT.NET
Name Server: NS4.MSFT.NET
Name Server: NS5.MSFT.NET
Status: clientTransferProhibited
Status: serverDeleteProhibited
Status: serverTransferProhibited
Status: serverUpdateProhibited
Updated Date: 14-sep-2010
Creation Date: 02-may-1991
Expiration Date: 03-may-2015
>>> Last update of whois database: Fri, 17 Jun 2011 16:27:27 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the
expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to
ensure
operational stability. VeriSign may restrict or terminate your access to
the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name.......... microsoft.com
Creation Date........ 1991-05-02
Registration Date.... 2009-10-06
Expiry Date.......... 2015-05-04
Organisation Name.... Microsoft Corporation
Organisation Address. One Microsoft Way
Organisation Address.
Organisation Address. Redmond
Organisation Address. 98052
Organisation Address. WA
Organisation Address. UNITED STATES
Admin Name........... Administrator .
Admin Address........ One Microsoft Way
Admin Address........
Admin Address........ Redmond
Admin Address........ 98052
Admin Address........ WA
Admin Address........ UNITED STATES
Admin Email.......... domains en microsoft.com
Admin Phone.......... +1.4258828080
Admin Fax............
Tech Name............ Hostmaster .
Tech Address......... One Microsoft Way
Tech Address.........
Tech Address......... Redmond
Tech Address......... 98052
Tech Address......... WA
Tech Address......... UNITED STATES
Tech Email........... msnhst en microsoft.com
Tech Phone........... +1.4258828080
Tech Fax.............
Name Server.......... NS2.MSFT.NET
Name Server.......... NS4.MSFT.NET
Name Server.......... NS1.MSFT.NET
Name Server.......... NS5.MSFT.NET
Name Server.......... NS3.MSFT.NET
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/seguridad/attachments/20110617/bba69b57/attachment.html>
Más información sobre la lista de distribución Seguridad