Hello! This is most likely the wrong list, but I can't find a linux security list and this is a little bit urgent! Maybe someone off this list can give me some pointers.
My client has a domain. When I ping the domain, it resolves to the IP address of the dedicated server he is hosting on. But then, when I try to resolve the ip address back to a domain, using either "host xx.xx.xx.xx" on mac os x, or "/usr/bin/resolveip xx.xx.xx.xx" on linux, the ip address is resolved to a domain name that is a little bit suspicious: ns2.decayandcorrupt.com Is this an attack? Resolving an ip address to a hostname shouldn't return a nameserver, should it? Since the domain name utimately resolves to the correct IP address, requests to the website are successfull, and return the files we have hosted on the server. But the other way around, i.e. that the ip resolves to such an weird domain name, is a little bit suspicious to me. ANY pointers would be helpful. We're a little bit desperate as support of our hosting companies wasn't very helpful, so I thought I'd ask here, since, IMO, this smells a little bit. Thanks, Robert
