[nsp-sec] www-google.* phishing?
CERT-UT - Peter
p.g.m.peters at utwente.nl
Thu Feb 14 10:07:07 EST 2013
Chris,
Chris Morrow wrote on 2013-02-14 15:33:
> www-google.nl NS:
>
> ;; ANSWER SECTION:
> www-google.nl. 3600 IN NS ns2.inwx.de.
> www-google.nl. 3600 IN NS ns.inwx.de.
> www-google.nl. 3600 IN NS ns3.inwx.de.
>
>
> in general, any 'google owned' domain resolves through/is-served-by:
> ;; ANSWER SECTION:
> google.nl. 3693 IN NS ns1.google.com.
> google.nl. 3693 IN NS ns4.google.com.
> google.nl. 3693 IN NS ns3.google.com.
> google.nl. 3693 IN NS ns2.google.com.
>
>
> If it's not ns1/2/3/4.google.com, it's very unlikely it's google's domain...
As I expected. I'll tell the user to be careful in what they enter on
that site. Or, better yet, not even go to that site.
--
Peter Peters
CERT-UT Officer off Duty
cert at utwente.nl http://www.utwente.nl/itsecurity
office-hours: +31 53 489 2301
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20130214/684e0bbc/attachment-0001.sig>
More information about the nsp-security
mailing list