linuxsucks.org

davcefai · 01-14-2008, 12:22 PM

I came across a reference to www.linuxsucks.org and tried to visit the site to see what it is about.

To my surprise, on 2 Debian Linux PCs I found myself connected to localhost! Pinging the site also returned localhost.

On a Windows 2000 PC (No web server installed) I got a 404 error and pinging also returned localhost.

My network is a 192.168...... one and connects via a router and ADSL modem. I cannot find anything in the router setup to explain this behaviour.

Could anybody help explain this and have I been compromised?

b0uncer · 01-14-2008, 12:32 PM

I hardly think you've "been compromised" - does the same for me as well. And I doubt it's nothing brain-cracking, but something is forwarding you (me) back to localhost as soon as the address is resolved

funny, I'd say. Traceroute might give something..

okmyx · 01-14-2008, 01:08 PM

Lol.......

DNS resolution for www.linuxsucks.org resolves to 127.0.0.1

http://network-tools.com/default.asp...linuxsucks.org

Someone somewhere is having a joke =)

davcefai · 01-14-2008, 01:35 PM

Thanks for the feedback. This is probably a consequence of this article:

http://hacktivision.com/index.php?bl...&c=1&tb=1&pb=1

pixellany · 01-14-2008, 03:12 PM

well......

whois linuxsucks.org gives address and phone number for the domain owner---why not give them a call?

partial output:

Quote:

Registrant Organization:linuxsucks.org
Registrant Street1:6429 W97TH PL STE 101
Registrant Street2:
Registrant Street3:
Registrant City:Westminster
Registrant State/Province:CO
Registrant Postal Code:80021
Registrant Country:US
Registrant Phone:+1.7209886666
Registrant Phone Ext.:
Registrant FAX:

Emerson · 01-14-2008, 03:47 PM

Hmh, setting domainname to resolve to loopback is fairly common practice. This is what registrars do when a site is spamvertised or otherwise breaks rules.

dive · 01-14-2008, 03:58 PM

Dont think you will get much joy phoning 1.7209886666!!

pixellany · 01-15-2008, 07:49 AM

Quote:

Originally Posted by dive

Dont think you will get much joy phoning 1.7209886666!!

I guess I'm slow this AM....it looks like a real phone number (1 = usa, 720 = Denver, etc.)
Did you try it?

dive · 01-15-2008, 07:53 AM

Not phoning it from the UK. But we usually would write it +17209886666 without the .

d3k4y · 01-17-2008, 11:25 AM

[QUOTE=davcefai;3022223]Thanks for the feedback. This is probably a consequence of this article:

Yeah, the site was up when I wrote the article. Note, that I did not mean for the site to get hit with a ton of traffic or encourage anyone to do anything malicious. The article actually got dugg, and linked to by 5 or 6 very popular sites resulting in thousands of visitors to my article in a short period of time. I'm guessing most of the visitors could not resist the temptation to check out a site with a URL linuxsucks.org. At first, it just was giving a 500 error, and then someone flipped the DNS to point to 127.0.0.1. If anyone knows the guy who runs the site, traffic has since died down on that article and it is probably safe to put the site back up.

Also Note: Yes, I still google my own site, cuz I'm lame.