[kictanet] [Skunkworks] Google Kenya hacked?
McTim
dogwallah at gmail.com
Mon Apr 15 15:19:59 EAT 2013
On Mon, Apr 15, 2013 at 3:02 AM, Adam Nelson <adam at varud.com> wrote:
> I brought it up a few months ago in Skunkworks, but until the .ke top
> level domain is signed,
>
of course, you have to sign .co.ke AND google.co.ke for DNSSEC to mitigate
against cache poisoning.
> you can't really trust the identify of any site under .ke that doesn't use
> an SSL certificate (i.e. the regular google.co.ke without "https").
>
> http://stats.research.icann.org/dns/tld_report/
>
> I'm pretty confident that Google's systems weren't cracked and that this
> was something like a DNS attack on one of the ISPs or similar.
>
>
Probably:
here is the *dig* result for *google.co.ke* from server 8.8.8.8 [dig @
8.8.8.8 google.co.ke A]
; <<>> DiG 9.7.3 <<>> @8.8.8.8 google.co.ke A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38419
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.co.ke. IN A
;; ANSWER SECTION:
google.co.ke. 300 IN A 173.194.35.152
google.co.ke. 300 IN A 173.194.35.151
google.co.ke. 300 IN A 173.194.35.159
;; Query time: 17 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Apr 15 14:16:38 2013
;; MSG SIZE rcvd: 78
http://whois.arin.net/rest/net/NET-173-194-0-0-1/pft
--
Cheers,
McTim
"A name indicates what we seek. An address indicates where it is. A route
indicates how we get there." Jon Postel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20130415/f1050bac/attachment.htm>
More information about the KICTANet
mailing list