Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Posted: 2/28/2006 6:48:48 PM EDT
God, I'm sick of this shit. These fucking hackers continually attack the gunsamerica.com site.
Link Posted: 2/28/2006 6:58:43 PM EDT
looks fine to me
Link Posted: 2/28/2006 7:01:12 PM EDT
Hackers suck. If only they would spend their energy doing something constructive. I just don't get their motivation.
Link Posted: 2/28/2006 7:01:54 PM EDT
When I click on my bookmark it says "Pardon our Dust at Gunsamerica BH. " Then it contains the following message:

GunsAmerica is moving...
Most people now have their ISP pointing at the new server in sunny florida!
But your ISP (we know for sure Bellsouth and there are others) may not have updated their cache files yet. You can try accessing us at our new server 216.219.244.51 in the meantime with it's raw IP address, but you might have issues with pictures. Complain to your ISP!! It's a little rediculous almost two days later that they haven't updated it. -mgmt
Link Posted: 2/28/2006 7:02:26 PM EDT
It's not hacked. Your ISP (and mine, incidentaly) have misconfigured name servers and are not observing the 1 hr TTL configured for the domain.

My own name server does, however:


[root@eagle named]# dig a gunsamerica.com

; <<>> DiG 9.2.5 <<>> a gunsamerica.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28172
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;gunsamerica.com. IN A

;; ANSWER SECTION:
gunsamerica.com. 3111 IN A 216.219.244.51

;; AUTHORITY SECTION:
gunsamerica.com. 3111 IN NS ns1.primarydns.com.
gunsamerica.com. 3111 IN NS ns2.primarydns.com.

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(localhost)
;; WHEN: Tue Feb 28 21:01:58 2006
;; MSG SIZE rcvd: 96

[root@eagle named]#

Link Posted: 2/28/2006 7:07:54 PM EDT
[Last Edit: 2/28/2006 7:09:02 PM EDT by Midnight-Sniper]
You're right! I clicked on the IP link in the note and it took me right to their site. Sorry for the erroneous thread.
Link Posted: 2/28/2006 7:39:19 PM EDT
[Last Edit: 2/28/2006 7:41:03 PM EDT by SubnetMask]
Actually, there's more to it. They did more than modify an A record. They up and changed name servers.

The old record has a current TTL of about 17 hours, according to my ISP's name server. It's not my ISP's fault, as gunsamerica suggests. It's theirs. The TTL on their old zone file was waaaaaay too long (over two days, I think). My ISP's name server is faithfully doing what it was told, i.e. "Don't resolve this address again for another 17 hours". My name server had never previously resolved gunsamerica.com, so it looked it had no erroneous cache to refer to. It had to do a new lookup (root NS, then authoritive server for domain, etc).

Whoever is responsible for managing DNS at gunsamerica.com (even if they farmed it out) is a fucking moron.


[root@eagle named]$ dig @72.11.0.21 gunsamerica.com

; <<>> DiG 9.2.5 <<>> @72.11.0.21 gunsamerica.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54262
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1

;; QUESTION SECTION:
;gunsamerica.com. IN A

;; ANSWER SECTION:
gunsamerica.com. 61907 IN A 69.25.207.216

;; AUTHORITY SECTION:
gunsamerica.com. 155912 IN NS ns2.servercity.com.
gunsamerica.com. 155912 IN NS ns5.servercity.com.
gunsamerica.com. 155912 IN NS ns.servercity.com.

;; ADDITIONAL SECTION:
ns5.servercity.com. 53831 IN A 69.25.207.4

;; Query time: 67 msec
;; SERVER: 72.11.0.21#53(72.11.0.21)
;; WHEN: Tue Feb 28 21:30:59 2006
;; MSG SIZE rcvd: 129

[root@eagle named]#


As you can see, querying my ISP's name server shows the old IP address AND the old authorative name servers for gunsamerica.co. My ISP's name server is doing is exactly what it was told to do.
Link Posted: 2/28/2006 7:39:34 PM EDT
[Last Edit: 2/28/2006 7:41:36 PM EDT by diveriter]
Your ISP's Domain Name Servers (DNS) have not refreshed their Cached look ups. Their DNS servers store normally about 10 folders related to 10 different country IP ranges for NS(name servers) + the .com, .net, .org ect...

It normally takes 12-48hrs to refresh. But if the HOST of the said website takes 12-48hrs to update all of their records & then the ISPs take another 12-48hrs to refresh...

You get the picture... You have web NAME addresses that point to old IP addresses of hosted website... and there's nothing there anymore 'cause it's been moved to another IP address.

Ok so I'm a bit long winded nerd...

David
Link Posted: 2/28/2006 7:43:52 PM EDT

Originally Posted By diveriter:
Your ISP's Domain Name Servers (DNS) have not refreshed their Cached look ups. Their DNS servers store normally about 10 folders related to 10 different country IP ranges for NS(name servers) + the .com, .net, .org ect...

It normally takes 12-48hrs to refresh. But if the HOST of the said website takes 12-48hrs to update all of their records & then the ISPs take another 12-48hrs to refresh...

You get the picture... You have web NAME addresses that point to old IP addresses of hosted website... and there's nothing there anymore 'cause it's been moved to another IP address.

Ok so I'm a bit long winded nerd...

David



They're not refreshing their cache, because the record hasn't expired yet. The record hasn't expired yet, because the person(s) responsible for managing the gunsamerica.com zone file set the TTL at two days or more. The persons responsible for the retarded message on the old server are mouth breathers.
Link Posted: 2/28/2006 7:53:15 PM EDT
[Last Edit: 2/28/2006 7:54:11 PM EDT by diveriter]

Originally Posted By SubnetMask:

Originally Posted By diveriter:
Your ISP's Domain Name Servers (DNS) have not refreshed their Cached look ups. Their DNS servers store normally about 10 folders related to 10 different country IP ranges for NS(name servers) + the .com, .net, .org ect...

It normally takes 12-48hrs to refresh. But if the HOST of the said website takes 12-48hrs to update all of their records & then the ISPs take another 12-48hrs to refresh...

You get the picture... You have web NAME addresses that point to old IP addresses of hosted website... and there's nothing there anymore 'cause it's been moved to another IP address.

Ok so I'm a bit long winded nerd...

David



They're not refreshing their cache, because the record hasn't expired yet. The record hasn't expired yet, because the person(s) responsible for managing the gunsamerica.com zone file set the TTL at two days or more. The persons responsible for the retarded message on the old server are mouth breathers.




Someone is and needs a

David
Link Posted: 2/28/2006 8:04:09 PM EDT
[Last Edit: 2/28/2006 8:04:50 PM EDT by SubnetMask]

Originally Posted By diveriter:
Someone is and needs a

David





It gets worse. If you query the old server listed as authorative for the domain (ns.servercity.com), you see what the original Time To Live was:


[root@eagle named]# dig @ns.servercity.com gunsamerica.com

; <<>> DiG 9.2.5 <<>> @ns.servercity.com gunsamerica.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57852
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;gunsamerica.com. IN A

;; ANSWER SECTION:
gunsamerica.com. 1728000 IN A 69.25.207.216

;; AUTHORITY SECTION:
gunsamerica.com. 1728000 IN NS ns.servercity.com.
gunsamerica.com. 1728000 IN NS ns2.servercity.com.
gunsamerica.com. 1728000 IN NS ns5.servercity.com.

;; ADDITIONAL SECTION:
ns.servercity.com. 300 IN A 216.235.252.130
ns2.servercity.com. 300 IN A 216.235.252.140
ns5.servercity.com. 300 IN A 69.25.207.4

;; Query time: 83 msec
;; SERVER: 216.235.252.130#53(216.235.252.130)
;; WHEN: Tue Feb 28 21:56:16 2006
;; MSG SIZE rcvd: 161

[root@eagle named]#


For the math impaired, 1,728,000 seconds is 20 days. I'll say it again - the person(s) responsible for managing their domain are fucking idiots, and need their pee pee slapped.

For the techno-geek impaired, this means that your ISP's name server has 20 days from the last time it resolved gunsamerica.com, before the record will expire and it will try again. If it expired the gunsamerica.com record 5 days ago, you will have to wait 15 days before it will try again. Meanwhile, some moron with his head up his ass and the ability to update the old site insists it's your ISP's fault.
Link Posted: 2/28/2006 8:23:11 PM EDT

Originally Posted By SubnetMask:

Originally Posted By diveriter:
Someone is and needs a

David





It gets worse. If you query the old server listed as authorative for the domain (ns.servercity.com), you see what the original Time To Live was:


[root@eagle named]# dig @ns.servercity.com gunsamerica.com

; <<>> DiG 9.2.5 <<>> @ns.servercity.com gunsamerica.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57852
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;gunsamerica.com. IN A

;; ANSWER SECTION:
gunsamerica.com. 1728000 IN A 69.25.207.216

;; AUTHORITY SECTION:
gunsamerica.com. 1728000 IN NS ns.servercity.com.
gunsamerica.com. 1728000 IN NS ns2.servercity.com.
gunsamerica.com. 1728000 IN NS ns5.servercity.com.

;; ADDITIONAL SECTION:
ns.servercity.com. 300 IN A 216.235.252.130
ns2.servercity.com. 300 IN A 216.235.252.140
ns5.servercity.com. 300 IN A 69.25.207.4

;; Query time: 83 msec
;; SERVER: 216.235.252.130#53(216.235.252.130)
;; WHEN: Tue Feb 28 21:56:16 2006
;; MSG SIZE rcvd: 161

[root@eagle named]#


For the math impaired, 1,728,000 seconds is 20 days. I'll say it again - the person(s) responsible for managing their domain are fucking idiots, and need their pee pee slapped.

For the techno-geek impaired, this means that your ISP's name server has 20 days from the last time it resolved gunsamerica.com, before the record will expire and it will try again. If it expired the gunsamerica.com record 5 days ago, you will have to wait 15 days before it will try again. Meanwhile, some moron with his head up his ass and the ability to update the old site insists it's your ISP's fault.



That's what I was getting @.

-----------------------------------------------------------------------
Domain Name: GUNSAMERICA.COM
Registrar: REGISTRATION TECHNOLOGIES, INC.
Whois Server: whois.registrationtek.com
Referral URL: http://www.registrationtek.com
Name Server: NS1.PRIMARYDNS.COM
Name Server: NS2.PRIMARYDNS.COM
Status: REGISTRAR-LOCK
Updated Date: 27-feb-2006
Creation Date: 20-sep-1997
Expiration Date: 19-sep-2009
---------------------------------------------------------------------
They moved from one HOST to another, and it looks like it hasn't been changed in the NS pointer.

Some one needs a good
David
Link Posted: 2/28/2006 8:34:45 PM EDT
Holy poop.

Somebody doesn't understand the purpose of a DNS TTL.

I hear the cluephone ringing.
Link Posted: 2/28/2006 9:52:08 PM EDT

Originally Posted By SubnetMask:

It gets worse. If you query the old server listed as authorative for the domain (ns.servercity.com), you see what the original Time To Live was:

For the math impaired, 1,728,000 seconds is 20 days. I'll say it again - the person(s) responsible for managing their domain are fucking idiots, and need their pee pee slapped.



Holy crap...a 20 day TTL???

Who in their right freaking mind would ever set it that long? Either the guy doing it is a complete idiot or there was some of horrendous error when they set things up.

We could invade canada and set up a new government in 20 days, for pete's sake.
Link Posted: 2/28/2006 9:58:00 PM EDT

Originally Posted By SubnetMask:
Actually, there's more to it. They did more than modify an A record. They up and changed name servers.

The old record has a current TTL of about 17 hours, according to my ISP's name server. It's not my ISP's fault, as gunsamerica suggests. It's theirs. The TTL on their old zone file was waaaaaay too long (over two days, I think). My ISP's name server is faithfully doing what it was told, i.e. "Don't resolve this address again for another 17 hours". My name server had never previously resolved gunsamerica.com, so it looked it had no erroneous cache to refer to. It had to do a new lookup (root NS, then authoritive server for domain, etc).

Whoever is responsible for managing DNS at gunsamerica.com (even if they farmed it out) is a fucking moron.



Thats exactly what I thought it was.......





Damn I wish I knew what the hell it was you just said in English.
Link Posted: 2/28/2006 10:52:03 PM EDT
Hackers suck - but from how horribly designed the site is - I would bet the Sys Admin (or lack there of) is also to blame.

I have a friend who gets paid WELL to make sure sites are secure - and he has an exceptional track record.
Link Posted: 2/28/2006 11:34:38 PM EDT

Who in their right freaking mind would ever set it that long?

There's absolutely nothing wrong with setting it to be that long...if you don't plan on changing IP addresses in the near future. Some of the old examples from the O'Reilly book used 7 days as the TTL.

The TTL's on my domain names are set for longer than that (31 days, 2678400) since I haven't had to change addresses since switching to Sprint in 1994. It's just good netiquette to set the TTL as high as you can to minimize DNS traffic and the load on name servers. If you are planning on changing IP addresses, you simply reduce the TTL to an hour or so.z
Link Posted: 3/1/2006 6:36:31 AM EDT

Originally Posted By zoom:

Who in their right freaking mind would ever set it that long?

There's absolutely nothing wrong with setting it to be that long...if you don't plan on changing IP addresses in the near future. Some of the old examples from the O'Reilly book used 7 days as the TTL.

The TTL's on my domain names are set for longer than that (31 days, 2678400) since I haven't had to change addresses since switching to Sprint in 1994. It's just good netiquette to set the TTL as high as you can to minimize DNS traffic and the load on name servers. If you are planning on changing IP addresses, you simply reduce the TTL to an hour or so.z



My personal policy is to match the TTL with my project planning expactations. In other words, if I think it's possible that the total time to change an IP address - from "hey, I've got an idea" to "Hey, it's done" - is 10 days, then I will never make the TTL any longer than that. In all honesty, I keep most of them at about a day. Hell, ar15.com (more DNS requests than any of my domains by a long shot) has a 1 day TTL. Between 80+ domains, hundreds of thousands of requests, and zone transfers to 4 other name servers, named processor utilization is all of 3% on a bad day on my box. Most zone files are configured with a 1 day TTL on my server.

Personally, I think it's more convienient to just keep the TTL reasonably low. The additional burden on name servers is negligible. Now, if everybody used a 300 sec TTL as a matter of policy...
Link Posted: 3/1/2006 6:40:01 AM EDT

Originally Posted By zoom:

Who in their right freaking mind would ever set it that long?

There's absolutely nothing wrong with setting it to be that long...if you don't plan on changing IP addresses in the near future.



You can't plan for the unexpected, and a high TTL can really hurt when the unexpected happens. I keep my TTLs at around a day or so in most cases.
Link Posted: 3/1/2006 7:18:19 AM EDT
I am good friends with Emmanual Goldstein (alt.2600) and he says that most hacks todays are "script kiddies" who dont even know what a linux shell is but they just do it to be assholes.
Maybe if they spent 1% of thier time learning C++ or Java they could be halfway decent programmers. And the plain fact is most sites are secure thanks to linux and unix. These tards get off hacking some bullshit knitting site for grannies. where did i meet Emmanual? (not his real name ) Why at a SCI-FI convention of course! + =
Link Posted: 3/1/2006 7:56:27 AM EDT

Originally Posted By t-stox:
I am good friends with Emmanual Goldstein (alt.2600) and he says that most hacks todays are "script kiddies" who dont even know what a linux shell is but they just do it to be assholes.
Maybe if they spent 1% of thier time learning C++ or Java they could be halfway decent programmers. And the plain fact is most sites are secure thanks to linux and unix. These tards get off hacking some bullshit knitting site for grannies. where did i meet Emmanual? (not his real name ) Why at a SCI-FI convention of course! + =



That's all true more or less, but it appears that gunsamerica suffers from stupid sysadmins, not script kiddie attacks.
Link Posted: 3/1/2006 8:43:47 AM EDT
Gunsamerica.com is a joke. People want insane prices for most items there. I tried to buy several guns from there fro my customers and everytime it was a royal pain in the butt working with the dealers on that site. Gunbroker.com is the only way to go from what I have seen.
Link Posted: 3/1/2006 8:50:15 AM EDT

Originally Posted By zoom:

Who in their right freaking mind would ever set it that long?

There's absolutely nothing wrong with setting it to be that long...if you don't plan on changing IP addresses in the near future. Some of the old examples from the O'Reilly book used 7 days as the TTL.

The TTL's on my domain names are set for longer than that (31 days, 2678400) since I haven't had to change addresses since switching to Sprint in 1994. It's just good netiquette to set the TTL as high as you can to minimize DNS traffic and the load on name servers. If you are planning on changing IP addresses, you simply reduce the TTL to an hour or so.z



There's a problem that things don't always go as planned, so you keep your TTL times reasonable enough to adapt to what happens.
Top Top