On 5 Dec 2003, at 12:20, Luca Filipozzi wrote:
On Fri, Dec 05, 2003 at 11:07:24AM -0600, Mike Hyde wrote:
Looks like someone forgot to renew there domain name and another party decided to do it for them, with some slight changes:
host 206.108.102.93 93.102.108.206.in-addr.arpa domain name pointer bells-network-has-lots-of-security-holes-to-exploit.bell-nexxia.net
This isn't a lapsed domain registration issue; we're not talking about A records. It doesn't strike you as odd (read 'a security issue') that the PTR records have been changed?
Bell's ARIN records show 102.108.206.in-addr.arpa delegated to nameservers named under bell-nexxia.net, which is a zone that Bell do not currently run. If you believe the dates returned by whois.crsnic.net, "bell-nexxia.net" was only recently registered, while "bellnexxia.net" was registered in 1999. Maybe someone at Bell typo'd nameserver names when they filled out the paperwork for 206.108/20, and someone else got fed up with waiting for them to fix it (and hence the reverse DNS for these blocks). Joe