Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Weird domain name entries for microsoft.com

Posted on 2006-11-20
5
Medium Priority
?
368 Views
Last Modified: 2011-09-20
When I go to this link and search for google.com or microsoft.com:

http://www.whois.net/whois_new.cgi?d=microsoft&tld=com

I get a lot of strange entries like:

MICROSOFT.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
MICROSOFT.COM.ZZZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
MICROSOFT.COM.WILL.LIVE.FOREVER.BECOUSE.UNIXSUCKS.COM
MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BLUE.VEINED.SPANNER.NET
MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM

How is this done? And how can I prevent my domain from having the same type of problem?
0
Comment
Question by:eggster34
  • 3
5 Comments
 
LVL 1

Expert Comment

by:data_grrr
ID: 17984559
you can't.

MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM

'com' is the top level domain
and somebody has taken the 'gulli ' second level domain.

then this person probably has taken the control of his domain from the domain name seller.

than at his dns server he created the
toplist subdomain
at subdomain
warez subdomain
com subdomain
microsoft subdomain

the second 'com' isn't the top-level domain 'com'.

if its been created in the records of the domain seller's server, maybe you have a chance to warn the company.
0
 
LVL 1

Expert Comment

by:data_grrr
ID: 17984706
also these subdomains shouldn't be listed with whois.. but whois doesn't search your exact term.. and any registrar (there are a lot of registrars now) gives these 'funny' whois information then it must be listed.

actually it isn't the problem of internic.net. if you go to their site

www.internic.net and look the whois info. there
you will see the actual whois records of microsoft.com

now the gulli.com has given extra whois information and this is the problem.

maybe you could warn the 'false'(literally) registrar not to use that information
but this is again not a solution..cos there is actually a
MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM on the Internet.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17985035
I've seen this too, my whois runs against crsnic.net (verisign) and returns those same results, but another PC hit's OpenSRS/TuCows for the actual record. I think it might have something to do with a DNS poison, or some misconfiguration... if you do a whois for microsoft.com.net or google.com.net you'll see these same results...
http://www.whois.net/whois_new.cgi?d=microsoft.com&tld=net
http://www.whois.net/whois_new.cgi?d=google.com&tld=net
This is because com.net is Sogo and for some reason whois is searching com.net... weird...
-rich
0
 
LVL 1

Accepted Solution

by:
data_grrr earned 1500 total points
ID: 17985151
no it's not a dns poisoning.. like i said above it's just stupid :)

Searching for MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM A record at a.root-servers.net [198.41.0.4]: Got referral to F.GTLD-SERVERS.NET. (zone: com.) [took 7 ms]
Searching for MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM A record at F.GTLD-SERVERS.NET. [192.35.51.30]: Got referral to ns1.gulli.com. (zone: gulli.com.) [took 101 ms]
Searching for MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM A record at ns1.gulli.com. [80.190.192.41]: Reports microsoft.com.warez.at.toplist.gulli.com. [took 200 ms]
microsoft.com.warez.at.toplist.gulli.com.      A      IN      3600      80.190.192.33

ns1.gulli.com just gives its A record for the address.

and both of the addresses are in the same class: A:80.190.192.33 and ns1: 80.190.192.41
which tells me dns zone controlled by the person who put this record in dns.



0
 
LVL 7

Expert Comment

by:killbrad
ID: 17988954
To put this simply, if you own a domain name, you can have as many subdomains with whichever names you please.  For example:

If I owned SUCK.COM, I could make YOU.SUCK.COM, POLITICIANS.SUCK.COM, or even THOSE.COOKIES.YOU.BAKED.LAST.NIGHT.SUCK.COM.

There is no way to stop people from doing this with a domain they own.  

Cheers!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question