Massassi Forums Logo

This is the static archive of the Massassi Forums. The forums are closed indefinitely. Thanks for all the memories!

You can also download Super Old Archived Message Boards from when Massassi first started.

"View" counts are as of the day the forums were archived, and will no longer increase.

ForumsDiscussion Forum → I'm gonna kill
12
I'm gonna kill
2007-12-14, 5:34 PM #1
Code: 
gbk@katherine:~$ ping sdhgdshgsdhashshfdgfs
PING sdhgdshgsdhashshfdgfs (8.15.7.123) 56(84) bytes of data.

--- sdhgdshgsdhashshfdgfs ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

gbk@katherine:~$ whois 8.15.7.123
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1)
                                  8.0.0.0 - 8.255.255.255
Co-Location.com Inc. LVLT-COLOC-1-8-15-7-96 (NET-8-15-7-96-1)
                                  8.15.7.96 - 8.15.7.127

# ARIN WHOIS database, last updated 2007-12-13 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
And when the moment is right, I'm gonna fly a kite.
2007-12-14, 5:36 PM #2
:gbk:
2007-12-14, 5:45 PM #3
I don't know what the hell you're talking about.:psyduck:
COUCHMAN IS BACK BABY
2007-12-14, 5:50 PM #4
Don't even look at me wrong when I come through the hood
2007-12-14, 5:53 PM #5
Is this like some computer hacker thing? Are you hacking gbk?
COUCHMAN IS BACK BABY
2007-12-14, 5:55 PM #6
THERES TAKING OVER MY BRAAAAAAAAAAAAAAAIN
free(jin);
tofu sucks
2007-12-14, 6:16 PM #7
Isn't it obvious? Level 3 implemented wildcard DNS redirection. I hope someone gets fired over this. :rant:
And when the moment is right, I'm gonna fly a kite.
2007-12-14, 6:28 PM #8
:colbert:
2007-12-14, 6:37 PM #9
Was he Indian?
2007-12-14, 6:44 PM #10
Is there any way of explaining that to thickos like me? Or maybe explaining what problem that causes?
2007-12-14, 6:53 PM #11
Originally posted by gbk:
Code: 
2 packets transmitted, 0 received, 100% packet loss, time 999ms


I take it that's a bad thing?
"it is time to get a credit card to complete my financial independance" — Tibby, Aug. 2009
2007-12-14, 7:14 PM #12
Originally posted by Freelancer:
I take it that's a bad thing?


No. The problem is that "sdhgdshgsdhashshfdgfs" resolves to 8.15.7.123. Any invalid hostname resolves to 8.15.7.123. I could connect a handset to a modem, sneeze into the receiver, capture the output and dump that to the STDIN of ping and *that* would resolve to 8.15.7.123. EVERYTHING resolves.

Why the hell doesn't anyone understand why this is a problem?
And when the moment is right, I'm gonna fly a kite.
2007-12-14, 7:18 PM #13
Originally posted by gbk:
No. The problem is that "sdhgdshgsdhashshfdgfs" resolves to 8.15.7.123. Any invalid hostname resolves to 8.15.7.123. I could connect a handset to a modem, sneeze into the receiver, capture the output and dump that to the STDIN of ping and *that* would resolve to 8.15.7.123. EVERYTHING resolves.

Why the hell doesn't anyone understand why this is a problem?


Cause sneezing into the receiver would cause a short circuit?
2007-12-14, 7:27 PM #14
Originally posted by gbk:
Why the hell doesn't anyone understand why this is a problem?


Because you're GBK?
"In the beginning, the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move." - Douglas Adams
Are you finding Ling-Ling's head?
Last Stand
2007-12-14, 7:32 PM #15
...bill.
Last edited by mb; today at 10:55 AM.
2007-12-14, 7:32 PM #16
Originally posted by phoenix_9286:
Because you're GBK?


your mom is gbk.
Last edited by mb; today at 10:55 AM.
2007-12-14, 7:46 PM #17
That's a ugly mom.

:o
2007-12-14, 7:52 PM #18
Originally posted by IRG SithLord:
That's a ugly mom.

:o


Sure is. :awesome:
Last edited by mb; today at 10:55 AM.
2007-12-14, 7:57 PM #19
2007-12-14, 8:02 PM #20
Originally posted by gbk:
No. The problem is that "sdhgdshgsdhashshfdgfs" resolves to 8.15.7.123. Any invalid hostname resolves to 8.15.7.123. I could connect a handset to a modem, sneeze into the receiver, capture the output and dump that to the STDIN of ping and *that* would resolve to 8.15.7.123. EVERYTHING resolves.

Why the hell doesn't anyone understand why this is a problem?



I just ran the same command, and this is (presumably) how it should be:

Code: 
will@core:~$ ping sdhgdshgsdhashshfdgfs
ping: unknown host sdhgdshgsdhashshfdgfs


Who is your ISP?
2007-12-14, 8:11 PM #21
Originally posted by Pagewizard_YKS:
...this is (presumably) how it should be...

Correct.

Quote:
Who is your ISP?

Insight Communications. I spent 20 minutes on the phone complaining. Those idiots are clueless.
And when the moment is right, I'm gonna fly a kite.
2007-12-14, 8:19 PM #22
Originally posted by gbk:
Insight Communications. I spent 20 minutes on the phone complaining. Those idiots are clueless.


Welcome...to the real world.
2007-12-14, 8:27 PM #23
another interesting thing... I just tried accessing http://8.15.7.123/ and it gave me a 404 error. Why would they redirect invalid hostnames to what basically amounts to a 404 page?
2007-12-14, 8:39 PM #24
This keeps getting stranger... I pinged that server and for the first time ever I'm consistently getting 100% packet loss:

Code: 
will@core:~$ ping -c 5 8.15.7.123
PING 8.15.7.123 (8.15.7.123) 56(84) bytes of data.

--- 8.15.7.123 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4011ms

will@core:~$ ping -c 5 8.15.7.123
PING 8.15.7.123 (8.15.7.123) 56(84) bytes of data.

--- 8.15.7.123 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4009ms

will@core:~$
2007-12-14, 8:40 PM #25
You get more with a tracert.
2007-12-14, 8:41 PM #26
Originally posted by Pagewizard_YKS:
another interesting thing... I just tried accessing http://8.15.7.123/ and it gave me a 404 error. Why would they redirect invalid hostnames to what basically amounts to a 404 page?


Thing is, that's very obviously a custom 404 page, which means that it is a valid IP. :confused:
the idiot is the person who follows the idiot and your not following me your insulting me your following the path of a idiot so that makes you the idiot - LC Tusken
2007-12-14, 8:45 PM #27
I use tracepath, which is basically the same thing. The server appears to be somewhere the Washington DC area:

Code: 
will@core:~$ tracepath 8.15.7.123
 1:  core.home (192.168.1.4)                                0.231ms pmtu 1500
 1:  Wireless_Broadband_Router.home (192.168.1.1)           1.033ms 
 2:  L100.VFTTP-32.LSANCA.verizon-gni.net (71.165.197.1)  asymm  3  16.465ms 
 3:  P10-0.LCR-05.LSANCA.verizon-gni.net (130.81.58.228)   16.359ms 
 4:  so-6-3-0-0.BB-RTR1.LAX01.verizon-gni.net (130.81.29.69) asymm  6  16.993ms 
 5:  0.so-7-2-0.XT2.LAX7.ALTER.NET (152.63.10.153)        asymm  7  18.414ms 
 6:  0.so-6-0-0.XL1.LAX15.ALTER.NET (152.63.112.53)       asymm  8  18.952ms 
 7:  0.so-6-0-0.BR1.LAX15.ALTER.NET (152.63.116.21)       asymm  9  18.327ms 
 8:  so-7-1-2.edge1.LosAngeles1.Level3.net (4.68.110.153) asymm 10  18.676ms 
 9:  ae-32-54.ebr2.LosAngeles1.Level3.net (4.68.102.126)  asymm 10  26.411ms 
10:  ae-3.ebr3.Dallas1.Level3.net (4.69.132.78)           asymm 12  68.656ms 
11:  ae-7.ebr3.Atlanta2.Level3.net (4.69.134.22)           82.743ms 
12:  ae-2.ebr1.Washington1.Level3.net (4.69.132.86)       asymm 13 106.880ms 
13:  ae-31-89.car1.Washington1.Level3.net (4.68.17.131)    93.766ms 
14:  CO-LOCATION.car1.Washington1.Level3.net (63.210.59.250) asymm 13 105.762ms 
15:  8.15.7.123 (8.15.7.123)                              asymm 12  91.531ms reached
     Resume: pmtu 1500 hops 15 back 12 
will@core:~$


I also ran nmap:

Code: 
nmap 8.15.7.123

Starting Nmap 4.20 ( http://insecure.org ) at 2007-12-14 20:43 PST
Interesting ports on 8.15.7.123:
Not shown: 1694 closed ports
PORT    STATE SERVICE
25/tcp  open  smtp
80/tcp  open  http
110/tcp open  pop3

Nmap finished: 1 IP address (1 host up) scanned in 11.771 seconds


On the surface, it looks like a typical http and mail server, but that doesn't explain why pings just bleed away into nothing.
2007-12-14, 8:47 PM #28
Originally posted by Wolfy:
Thing is, that's very obviously a custom 404 page, which means that it is a valid IP. :confused:


Yes, I know, but what I'm wondering is why GBK's ISP is redirecting bad hostnames to a server that is set up to display a custom 404 page and send/receive mail. (although I can only guess server activity by looking at open ports) It just doesn't make sense.
2007-12-14, 8:48 PM #29
Originally posted by Pagewizard_YKS:
On the surface, it looks like a typical http and mail server, but that doesn't explain why pings just bleed away into nothing.


Firewalls do...

[edit]
Code: 
user@socr:~$ ping cnn.com
PING cnn.com (64.236.16.52) 56(84) bytes of data.

--- cnn.com ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8015ms
2007-12-14, 8:50 PM #30
The government is planning to kill :gbk:
2007-12-14, 9:03 PM #31
Yeah well, for the past 2 days my ISP redirected EVERY website to their own. I spent 45 minutes on hold today before I could talk to a real guy to fix the problem.

o.0
2007-12-14, 10:24 PM #32
Originally posted by gbk:
No. The problem is that "sdhgdshgsdhashshfdgfs" resolves to 8.15.7.123. Any invalid hostname resolves to 8.15.7.123. I could connect a handset to a modem, sneeze into the receiver, capture the output and dump that to the STDIN of ping and *that* would resolve to 8.15.7.123. EVERYTHING resolves.

Why the hell doesn't anyone understand why this is a problem?


I still don't understand why this is a problem.
"it is time to get a credit card to complete my financial independance" — Tibby, Aug. 2009
2007-12-15, 1:10 AM #33
Just because I like looking at things:
Code: 
telnet 8.15.7.123 110
Trying 8.15.7.123...
Connected to 8.15.7.123.
Escape character is '^]'.
-ERR <Domain or Hostname Invalid> 
Connection closed by foreign host.

It looks like it's filtering based on the host. We would probably see something if we were the intended audience.
Naked Feet are Happy Feet
:omgkroko:
2007-12-15, 1:27 AM #34
Here's something I worked up. If I'm reading it right it should fix your problem.

Code: 
gbk@katherine:~$ ping sdhgdshgsdhashshfdgfs
PING sdhgdshgsdhashshfdgfs (8.15.7.123) 56(84) bytes of data.

# ARIN WHOIS database, last updated 2007-12-13 19:10
--- sdhgdshgsdhashshfdgfs ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

int main ()
{
  char question[] = "ping: ";
  char gbk [ping];
  cout << question;
  cin >> yourname;
  cout << greeting << gbk << "!";
  return 0;
}

gbk@katherine:~$ whois 8.15.7.123
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1)
                                  8.0.0.0 - 8.255.255.255
Manifest-Version: 1.0
Class-Path: MyUtils.jar
Created-By: 1.6.0 (Sun Microsystems Inc.)
Co-Location.com Inc. LVLT-COLOC-1-8-15-7-96 (NET-8-15-7-96-1)
                                  8.15.7.96 - 8.15.7.127

# Enter ? for additional hints on searching ARIN's WHOIS database.
2007-12-15, 1:48 AM #35
Originally posted by 'Thrawn[numbarz:
;880928']Here's something I worked up. If I'm reading it right it should fix your problem[/code]

That's not funny and you should commit suicide.

gbk you should switch to a root dns server
2007-12-15, 2:07 AM #36
Quote:
gbk@ katherine :~$ ping sdhgdshgsdhashshfdgfs

--

gbk@ katherine :~$ whois 8.15.7.123


Seriously.
Last edited by mb; today at 10:55 AM.
2007-12-15, 9:02 AM #37
Originally posted by Jon`C:
gbk you should switch to a root dns server

Switching DNS servers was the first thing I did. Kind of a no-brainer. ;)

Originally posted by CaveDemon:
Seriously.

What of it?
And when the moment is right, I'm gonna fly a kite.
2007-12-15, 9:43 AM #38
As bad as Comcast is, they have not done that to their subscribers yet. Lucky me.
[This message has been edited. Deal with it.]
2007-12-15, 10:25 AM #39
Originally posted by Jon`C:
That's not funny and you should commit suicide.


Oh hello Jon`C
2007-12-15, 10:34 AM #40
Originally posted by Pagewizard_YKS:
Code: 
nmap 8.15.7.123

Starting Nmap 4.20 ( http://insecure.org ) at 2007-12-14 20:43 PST
Interesting ports on 8.15.7.123:
Not shown: 1694 closed ports
PORT    STATE SERVICE
25/tcp  open  smtp
80/tcp  open  http
110/tcp open  pop3

Nmap finished: 1 IP address (1 host up) scanned in 11.771 seconds


On the surface, it looks like a typical http and mail server, but that doesn't explain why pings just bleed away into nothing.


My nmap scan provided a little bit more info:
Code: 
Interesting ports on 8.15.7.123:
Not shown: 1688 closed ports
PORT    STATE    SERVICE      VERSION
25/tcp  open     smtp?
80/tcp  open     http         Apache httpd
110/tcp open     pop3?
135/tcp filtered msrpc
136/tcp filtered profile
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

It could not fingerprint the OS though.
[This message has been edited. Deal with it.]
12

↑ Up to the top!