[IP] .mil WHOIS offline?
-------- Original Message --------
Subject: .mil WHOIS offline?
Date: Fri, 03 Mar 2006 14:30:32 -0500
From: Jeff Porten <civitan@xxxxxxxxxxxxxx>
To: David Farber <dave@xxxxxxxxxx>
For IP, if you wish.
I'm doing some routine maintenance on our mail server and tracking
back IP addresses with a database that queries various WHOIS
servers. To my surprise, the .mil whois server at whois.nic.mil is
offline -- the domain itself doesn't resolve any longer.
I spoke to the very nice customer support representative at the phone
number I found on the web, who told me the following:
1) he wasn't sure if this service was *ever* public. Which I find
interesting, as it's a coded flag in the whois man page.
2) he said I should refer all IPs I need to review directly to DoD CERT.
3) he said that he received many calls like this, and it's "always"
people spoofing the IP addresses of .mil computers. I mentioned that
since I'm tracking spam flow, it's likely to be someone with a
legitimate .mil address and a compromised computer. He referred me
again to CERT.
Anyway, this struck me as *very* odd, and I feel like I'm showing up
in the middle of the story. Anyone know more about this?
Best,
Jeff
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/