momo zone

调核人的blog

dnscrypt奇怪问题

抓包发现dnscrypt相关的一个目的服务器地址2.dnscrypt-cert.opendns.com与一个ip 1.0.209.116相关。

查一下这个ip竟然在泰国:

数据来源:https://dazzlepod.com

IP  1.0.209.116
Hostname node-g38.pool-1-0.dynamic.totbb.net
ASN AS9737
Organization TOTNET-TH-AS-AP TOT Public Company Limited
Prefix 1.0.192.0/19
Country Thailand
Local time 2013/08/06 16:10 (Indochina Time)
JSON 1.0.209.116.json
PORT   STATE SERVICE VERSION
21/tcp open  ftp?
|_ftp-anon: ERROR: Script execution failed (use -d to debug)
|_ftp-bounce: no banner
23/tcp open  telnet  Netgear broadband router or ZyXel VoIP adapter telnetd
80/tcp open  http    Allegro RomPager 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)
| http-auth: 
| HTTP/1.1 401 Unauthorized
|_  Basic realm=Wireless-N 150 Mbps ADSL2+ Router
| http-methods: Potentially risky methods: PUT
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Protected Object
81/tcp open  http    mini_httpd 1.19 19dec2003
| http-auth: 
| HTTP/1.1 401 Unauthorized
|_  Basic realm=.
|_http-methods: No Allow or Public header in OPTIONS response (status code 501)
|_http-title: 401 Unauthorized
— Command: nmap –Pn –F –T4 –sV —script “default and safe” —open 1.0.209.116

https://github.com/opendns/dnscrypt-proxy

这个ip竟然是一个ADSL2+ 的router

难道opendns这个域名被污染了

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s

%d 博主赞过: