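At work this morning I opened TW as usual, and news suddenly broke that the baidu domain had been hijacked. It was 8:40. I tried visiting Baidu and it failed, but my colleagues' machines could reach it. It occurred to me that my preferred DNS server was Google's 8.8.8.8. After I swapped the primary and secondary servers it worked, so only Google's DNS was still failing.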
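I spent some time finding out what really happened. First, Baidu's domain was hijacked, and the home page it redirected to carried the message: "This site has been hacked by Iranian Cyber Army." I found that strange: has the Iranian Cyber Army been on a spree lately? At around 10 o'clock, Baidu's DNS was changed again, to NS2303.HOSTGATOR.COM and NS2304.HOSTGATOR.COM, and the tug-of-war between the two sides' hackers was at a stalemate. The correct resolution for baidu.com should actually look like the record below. It is easy to see that the domain has always been managed by the registrar, and a foreign one at that. Baidu's official statement says this incident was caused by a vulnerability at the registrar, Register, but Baidu does not dare move the domain to a domestic registrar, for fear of being XX'd like 51.com and Blogbus. Having weighed the pros and cons, it kept the domain abroad, managed entirely by Register. At noon Li Yanhong voiced his feelings on his own i Tieba: "Unprecedented, simply unprecedented!" (I feel the same!!!)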
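Next came news from the Honker Union of China: domestic hackers had struck back. Apparently the Iranian Ministry of Defense website mod.ir was reported to have a web server directory traversal vulnerability, and sites such as http://room98.ir/ and http://www.iribu.ir/ were hacked one after another, with the five-star red flag left on them! This set off a huge uproar.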
14:22 http://www2.mousavian.ir/ and http://www.irib.ac.ir/ were hacked
15:28 http://www.irun.ir/ was hacked. Screenshot: http://flic.kr/p/7vchHo/sizes/o
Normal resolution of Baidu.com:
Registrant:
Domain Discreet
ATTN: baidu.com
Rua Dr. Brito Camara, n 20, 1
Funchal, Madeira 9000-039
PT
Phone: 1-902-7495331
Email: 036f37850a14115101201f9483195f63@domaindiscreet.com
Registrar Name….: Register.com (the registrar)
Registrar Whois…: whois.register.com
Registrar Homepage: www.register.com
Domain Name: baidu.com
Created on…………..: 1999-10-11
Expires on…………..: 2014-10-11
Administrative Contact:
Domain Discreet
ATTN: baidu.com
Rua Dr. Brito Camara, n 20, 1
Funchal, Madeira 9000-039
PT
Phone: 1-902-7495331
Email: 036f376a0a14115100199c0316d64ebb@domaindiscreet.com
Technical Contact:
Domain Discreet
ATTN: baidu.com
Rua Dr. Brito Camara, n 20, 1
Funchal, Madeira 9000-039
PT
Phone: 1-902-7495331
Email: 036f37860a14115101c8a6d69ced14a8@domaindiscreet.com
DNS Servers:
yns1.yahoo.com
yns2.yahoo.com
The previous information has been obtained either directly from the registrant or a registrar of the domain name other than Network Solutions. Network Solutions, therefore, does not guarantee its accuracy or completeness.
Current Registrar: REGISTER.COM, INC. (the registrar)
IP Address: 220.181.6.175 (ARIN & RIPE IP search)
IP Location: CN(CHINA)-BEIJING-BEIJING
Record Type: Domain Name
Server Type: Other 1
Lock Status: clientTransferProhibited
WebSite Status: Active
DMOZ 1 listings
Y! Directory: see listings
Secure: Yes
Ecommerce: No
Traffic Ranking: 4
Data as of: 22-Apr-2008
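
The nameserver change described above is what a delegation monitor is meant to catch. The following is an added example, not part of the original post: it parses a WHOIS record in the layout quoted above as a baseline and compares it with an observed nameserver list. The function names are hypothetical, the baseline is a constructed abridgement of the record above, and in practice the observed list would come from a resolver or registry query.

```python
import re

# Constructed sample: abridged from the WHOIS record quoted on this page.
BASELINE_WHOIS = """\
Domain Name: baidu.com
DNS Servers:
yns1.yahoo.com
yns2.yahoo.com
Current Registrar: REGISTER.COM, INC.
Lock Status: clientTransferProhibited
"""

HOSTNAME = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)+$")

def norm(host):
    """Lower-case a hostname and drop the trailing root dot."""
    return host.strip().rstrip(".").lower()

def parse_whois(text):
    """Return (nameservers, lock statuses) from a record laid out as above."""
    nameservers, statuses, in_ns = set(), set(), False
    for line in text.splitlines():
        line = line.strip()
        if line.lower().startswith("dns servers:"):
            in_ns = True
            continue
        if in_ns:
            if HOSTNAME.match(norm(line)):
                nameservers.add(norm(line))
                continue
            in_ns = False  # first non-hostname line ends the list
        if line.lower().startswith("lock status:"):
            values = line.split(":", 1)[1].replace(",", " ").split()
            statuses.update(v.lower() for v in values)
    return nameservers, statuses

def check_delegation(baseline_whois, observed_ns):
    """Compare observed NS names with the baseline and report drift."""
    expected, statuses = parse_whois(baseline_whois)
    observed = {norm(h) for h in observed_ns}
    findings = [f"unexpected nameserver: {h}" for h in sorted(observed - expected)]
    findings += [f"baseline nameserver missing: {h}" for h in sorted(expected - observed)]
    if "clientupdateprohibited" not in statuses:
        # EPP: clientTransferProhibited blocks transfers only, not NS edits.
        findings.append("no clientUpdateProhibited lock on the registration")
    return findings

if __name__ == "__main__":
    # Nameservers the post reports seeing at around 10 o'clock.
    for f in check_delegation(BASELINE_WHOIS, ["NS2303.HOSTGATOR.COM", "NS2304.HOSTGATOR.COM"]):
        print(f)
```
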