On Friday 06 August 2010 16:52:26 Dattatray Kamble wrote:
OK .. i start once again..
- www.hesco-fl.com ...is our production site ( users may misspell
it as www.hesco-lf.com ..&..get redirected to ..PORN site..( raunchy king of porn site.....single site )
- problem occurs on Fedora 10, Centos 5.4, Windows Vista Business,
RHEL-5.
Ok.
Following is hosts & resolv entries of DHCP server configured on RHEL-5 with ip- 192.168.2.4 where hesco-lf redirects to PORN site.
[root@sydomain ~]# cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.2.4 sydomain.sysmart.com sydomain [root@sydomain ~]# cat /etc/resolv.conf ; generated by /sbin/dhclient-script search smartdomain.com nameserver 202.148.202.4 [root@sydomain ~]# nslookup hesco-fl.com Server: 202.148.202.4 Address: 202.148.202.4#53
Non-authoritative answer: Name: hesco-fl.com Address: 204.93.152.184
[root@sydomain ~]# nslookup hesco-lf.com Server: 202.148.202.4 Address: 202.148.202.4#53
** server can't find hesco-lf.com: NXDOMAIN
[root@sydomain ~]# tracert hesco-fl.com traceroute to hesco-fl.com (204.93.152.184), 30 hops max, 40 byte packets 1 192.168.2.1 (192.168.2.1) 0.283 ms 0.268 ms 0.264 ms 2 * * * 3 abs-cn-85.208.79.114.aircel.co.in (114.79.208.85) 2.482 ms 2.484 ms 3.221 ms 4 abs-cn-106.198.148.202.aircel.co.in (202.148.198.106) 15.333 ms 15.336 ms 15.334 ms 5 abs-cn-5.198.148.202.aircel.co.in (202.148.198.5) 31.187 ms 31.201 ms 31.199 ms 6 abs-cn-185.192.148.202.aircel.co.in (202.148.192.185) 31.196 ms 28.986 ms 28.965 ms 7 abs-cn-70.192.148.202.aircel.co.in (202.148.192.70) 28.925 ms 28.929 ms 28.925 ms 8 abs-cn-77.192.148.202.aircel.co.in (202.148.192.77) 29.393 ms 30.134 ms 30.131 ms 9 abs-cn-77.192.148.202.aircel.co.in (202.148.192.77) 30.124 ms 30.120 ms 30.841 ms 10 63-218-143-9.static.pccwglobal.net (63.218.143.9) 173.126 ms 173.110 ms 171.851 ms 11 TenGE13-3.br02.ldn01.pccwbtn.nethttp://tenge13-3.br02.ldn01.pccwbt n.net/(63.218.12.246) 308.115 ms 308.115 ms 308.109 ms 12 xe-0-3-0.cr1.lhr1.uk.nlayer.net (195.66.224.37) 171.766 ms 171.387 ms 170.870 ms
Ok. Same response with the dns set to 202.148.202.4/3 at my location.
[root@sydomain ~]# tracert hesco-lf.com traceroute to hesco-lf.com (208.76.179.25), 30 hops max, 40 byte packets 1 192.168.2.1 (192.168.2.1) 0.256 ms 0.247 ms 0.244 ms 2 abs-static-149.202.102.118.aircel.co.in (118.102.202.149) 48.573 ms 48.575 ms 48.572 ms 3 abs-cn-85.208.79.114.aircel.co.in (114.79.208.85) 2.461 ms 2.459 ms 2.457 ms 4 abs-cn-106.198.148.202.aircel.co.in (202.148.198.106) 15.687 ms 15.687 ms 15.684 ms 5 abs-cn-5.198.148.202.aircel.co.in (202.148.198.5) 30.285 ms 30.287 ms 30.286 ms 6 abs-cn-190.192.148.202.aircel.co.in (202.148.192.190) 30.282 ms 29.688 ms 29.667 ms 7 abs-cn-129.198.148.202.aircel.co.in (202.148.198.129) 29.625 ms 29.635 ms 29.631 ms 8 abs-cn-77.192.148.202.aircel.co.in (202.148.192.77) 31.719 ms 32.210 ms 32.206 ms 9 abs-cn-77.192.148.202.aircel.co.in (202.148.192.77) 32.200 ms 32.195 ms 32.191 ms 10 63-218-143-9.static.pccwglobal.net (63.218.143.9) 172.207 ms 172.209 ms 175.684 ms 11 TenGE13-3.br02.ldn01.pccwbtn.nethttp://tenge13-3.br02.ldn01.pccwbt n.net/(63.218.12.246) 167.410 ms 166.204 ms 166.194 ms 12 195.66.224.130 (195.66.224.130) 243.520 ms 243.509 ms 243.478 ms 13 vb1042.rar3.nyc-ny.us.xo.net (207.88.13.202) 252.381 ms 247.991 ms 247.970 ms 14 te-3-0-0.rar3.washington-dc.us.xo.net (207.88.12.74) 301.287 ms 305.225 ms 305.200 ms
Cannot replicate this. So something wrong with this specific install, not as Sagar Belure suggests the Airtel dns
do you have bind running on this machine or some other machine on smartdomain.com? from the resolv.conf remove "search smartdomain.com"
Router - Fedora 6 -ip - 192.168.2.1- NO redirection to PORN
Other Linux systems ( CentOS, Fedora ) - DHCP enabled, no Domain
redirection to PORN
Router has eth0 & eth1 ( Forwarding, Natting ) . IPs 202.148.202.3, 202.148.202.4 - external DNS entries for all my network from Aircel ISP.
Regards, DATTA