>Hello Solaris developers, I need help with diagnosing possible malware, >which seems to be originating from Solaris shared library. > >The problem occurs when I submit a URL that doesn't exist. Instead of >returning an error, it seems Solaris resolver returns IP addresses of >webserver which redirect HTTP requests to web pages filled with Google >adds, etc. So, somebody is making money form all these redirects. > >What's worse, is that quite frequently legitimate URL names, are mapped to >these bogus IP addreses, blocking me from accessing the legitimate web >site for a period of 5 to 30 minutes. > >Originally I thought it was my ISP that was redirecting customer traffic, >however this problem does not occur on other machines on the same network, >which have identical DNS settings to the Solaris box.
What is the DNS server you are using? Is it different from other systems? This is typical what ISPs may do. Mine does unless you use their unofficial DNS servers. Casper _______________________________________________ opensolaris-code mailing list opensolaris-code@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
