Showing posts with label rdns. Show all posts
Showing posts with label rdns. Show all posts

Sunday, December 28, 2014

rDNS to Burn Ho Ho Ho

Every year, like clockwork, someone makes sure to do something clever like this. Dont forget to set your max ttl to a little over 100 so you get ALL the lyrics. You don't want to miss out on a Christmas miracle.

$ traceroute -m 120 xmas.futile.net
traceroute to xmas.futile.net (77.75.106.106), 120 hops max, 60 byte packets
 1  ec2-50-112-0-86.us-west-2.compute.amazonaws.com (50.112.0.86)  1.700 ms ec2-50-112-0-82.us-west-2.compute.amazonaws.com (50.112.0.82)  2.160 ms  2.121 ms
 2  100.64.1.143 (100.64.1.143)  1.287 ms 100.64.1.157 (100.64.1.157)  1.850 ms 100.64.1.179 (100.64.1.179)  1.514 ms
 3  100.64.0.114 (100.64.0.114)  1.697 ms 100.64.0.56 (100.64.0.56)  1.431 ms 100.64.0.66 (100.64.0.66)  1.637 ms
 4  100.64.16.89 (100.64.16.89)  0.816 ms 100.64.16.29 (100.64.16.29)  0.870 ms 100.64.16.153 (100.64.16.153)  0.929 ms
 5  205.251.232.166 (205.251.232.166)  3.181 ms  2.279 ms 54.239.48.184 (54.239.48.184)  1.175 ms
 6  205.251.232.154 (205.251.232.154)  1.731 ms  1.315 ms 205.251.232.198 (205.251.232.198)  1.409 ms
 7  205.251.232.89 (205.251.232.89)  7.241 ms 205.251.232.91 (205.251.232.91)  8.558 ms 205.251.232.78 (205.251.232.78)  7.016 ms
 8  205.251.225.201 (205.251.225.201)  7.385 ms 205.251.226.226 (205.251.226.226)  6.461 ms 205.251.226.192 (205.251.226.192)  5.849 ms
 9  ae-8.r04.sttlwa01.us.bb.gin.ntt.net (198.104.202.189)  8.910 ms ae-18.r05.sttlwa01.us.bb.gin.ntt.net (129.250.201.177)  7.586 ms ae-8.r04.sttlwa01.us.bb.gin.ntt.net (198.104.202.189)  8.911 ms
10  ae-7.r21.sttlwa01.us.bb.gin.ntt.net (129.250.5.48)  7.377 ms ae-6.r21.sttlwa01.us.bb.gin.ntt.net (129.250.5.44)  6.058 ms  8.077 ms
11  ae-3.r22.nycmny01.us.bb.gin.ntt.net (129.250.2.50)  73.357 ms  74.689 ms  71.985 ms
12  ae-5.r22.londen03.uk.bb.gin.ntt.net (129.250.3.127)  145.012 ms  153.988 ms  154.003 ms
13  ae-1.r02.londen03.uk.bb.gin.ntt.net (129.250.5.25)  142.310 ms  143.254 ms  144.756 ms
14  xe-0-0-3.edge00.the.uk.hso-group.net (62.73.169.34)  155.629 ms  153.431 ms  170.395 ms
15  xe-3-3.core00.the.uk.hso-group.net (93.89.91.13)  154.304 ms  145.935 ms  155.607 ms
16  xe-4-4.core00.thw.uk.hso-group.net (77.75.108.135)  161.489 ms  170.428 ms  168.645 ms
17  xe-8-4.core00.thn.uk.hso-group.net (77.75.108.137)  145.769 ms  151.782 ms  150.956 ms
18  xe-4-4.core00.gs1.uk.hso-group.net (77.75.108.160)  155.492 ms  154.586 ms  153.756 ms
19  ae0-1203.edge00.sov.uk.hso-group.net (46.17.60.117)  162.573 ms  145.314 ms  156.443 ms
20  xoxoxoxoxoxo.Ho.Ho.Ho.xoxoxoxoxoxo (93.89.84.75)  152.557 ms  148.137 ms  149.111 ms
21  ooooxooooooxooo.V.ooooooxooooxoooo (82.133.91.37)  148.166 ms  158.433 ms  157.012 ms
22  ooxoooooxooooo.MMM.ooooooooxxoooxo (82.133.91.18)  146.747 ms  150.743 ms  148.490 ms
23  oooxoooooxooo.EEEEE.oooxoooooxoooo (82.133.91.63)  155.556 ms  150.612 ms  149.207 ms
24  ooooxooxooox.RRRRRRR.ooooooxooooox (82.133.91.56)  150.052 ms  147.187 ms  147.717 ms
25  oxooooooxoo.RRRRRRRRR.oooxooooooxo (82.133.91.55)  146.850 ms  157.273 ms  163.567 ms
26  xoooxooooo.YYYYYYYYYYY.oooxooooxoo (82.133.91.58)  146.490 ms  155.792 ms  155.358 ms
27  ooxoooooxooooo.CCC.ooooooooxoooxoo (82.133.91.96)  147.694 ms  146.370 ms  146.917 ms
28  oooooxooo.HHHHHHHHHHHHH.oxoooxoooo (82.133.91.23)  156.264 ms  157.224 ms  147.976 ms
29  ooxooxoo.RRRRRRRRRRRRRRR.ooxoooxoo (82.133.91.49)  149.529 ms  157.479 ms  146.768 ms
30  oxoooxo.IIIIIIIIIIIIIIIII.oooxooxo (82.133.91.60)  147.004 ms  149.610 ms  146.144 ms
31  oooxoo.SSSSSSSSSSSSSSSSSSS.ooxoooo (82.133.91.42)  159.816 ms  147.422 ms  147.647 ms
32  oooxoooxoooooo.TTT.ooooooooooooxoo (82.133.91.61)  146.592 ms  150.407 ms  147.971 ms
33  ooxoo.MMMMMMMMMMMMMMMMMMMMMM.oooxo (82.133.91.34)  158.860 ms  157.308 ms  146.151 ms
34  xxoo.AAAAAAAAAAAAAAAAAAAAAAAA.oxoo (82.133.91.80)  157.832 ms  154.396 ms  147.990 ms
35  oxo.SSSSSSSSSSSSSSSSSSSSSSSSSS.ooo (82.133.91.40)  147.656 ms  157.133 ms  146.486 ms
36  ooxooooooooooo.XXX.oooooooooooooxo (82.133.91.35)  156.158 ms  147.422 ms  148.664 ms
37  oxoooooooooooo.XXX.ooooooooooooxxo (82.133.91.10)  156.621 ms  156.882 ms  149.265 ms
38  Oh.the.weather.outside.is.frightful (82.133.91.41)  156.463 ms  159.244 ms  149.237 ms
39  But.the.fire.is.so.delightful (82.133.91.19)  155.633 ms  155.197 ms  148.495 ms
40  And.since.weve.no.place.to.go (82.133.91.77)  163.198 ms  148.568 ms  157.004 ms
41  Let.It.Snow.Let.It.Snow.Let.It.Snow (82.133.91.43)  145.524 ms  148.442 ms  148.235 ms
42  xXx (82.133.91.24)  154.886 ms  156.168 ms  148.119 ms
43  It.doesnt.show.signs.of.stopping (82.133.91.36)  155.728 ms  149.842 ms  147.509 ms
44  And.Ive.bought.some.corn.for.popping (82.133.91.73)  156.513 ms  155.195 ms  148.890 ms
45  The.lights.are.turned.way.down.low (82.133.91.76)  156.784 ms  156.929 ms  149.023 ms
46  Let.It.Snow.Let.It.Snow.Let.It.Snow (82.133.91.67)  157.132 ms  147.427 ms  146.847 ms
47  xXx (82.133.91.38)  155.047 ms  157.809 ms  158.599 ms
48  When.we.finally.kiss.good.night (82.133.91.62)  148.095 ms  156.498 ms  155.979 ms
49  How.Ill.hate.going.out.in.the.storm (82.133.91.45)  144.783 ms  153.313 ms  154.611 ms
50  But.if.youll.really.hold.me.tight (82.133.91.78)  145.371 ms  147.084 ms  154.588 ms
51  All.the.way.home.Ill.be.warm (82.133.91.17)  148.071 ms  148.590 ms  147.392 ms
52  xXx (82.133.91.70)  151.266 ms  148.426 ms  146.638 ms
53  The.fire.is.slowly.dying (82.133.91.95)  156.077 ms  155.992 ms  157.804 ms
54  And.my.dear.were.still.goodbying (82.133.91.57)  149.232 ms  157.089 ms  155.868 ms
55  But.as.long.as.you.love.me.so (82.133.91.31)  147.339 ms  148.318 ms  156.999 ms
56  Let.It.Snow.Let.It.Snow.Let.It.Snow (82.133.91.53)  153.937 ms  155.810 ms  147.369 ms
57  oOo (82.133.91.94)  162.711 ms  148.860 ms  154.739 ms
58  Ho.Ho.Ho.Are.We.Having.Fun.Yet (82.133.91.64)  148.437 ms  156.270 ms  163.520 ms
59  M.E.R.R.Y.C.H.R.I.S.T.M.A.S (82.133.91.86)  153.629 ms  146.195 ms  154.195 ms
60  oOo (82.133.91.15)  156.081 ms  145.935 ms  155.280 ms
61  Dashing.through.the.snow (82.133.91.14)  146.503 ms  150.094 ms  155.717 ms
62  In.a.one-horse.open.sleigh (82.133.91.83)  156.842 ms  156.586 ms  159.232 ms
63  Over.the.fields.we.go (82.133.91.27)  155.382 ms  146.111 ms  146.592 ms
64  Laughing.all.the.way (82.133.91.71)  156.139 ms  164.653 ms  148.819 ms
65  Bells.on.bobtail.ring (82.133.91.79)  156.060 ms  153.467 ms  147.566 ms
66  Making.spirits.bright (82.133.91.75)  154.545 ms  146.811 ms  164.212 ms
67  What.fun.it.is.to.ride.and.sing (82.133.91.82)  146.802 ms  156.057 ms  157.627 ms
68  A.sleighing.song.tonight (82.133.91.98)  147.468 ms  148.048 ms  148.202 ms
69  oOo (82.133.91.29)  169.488 ms  156.140 ms  146.594 ms
70  Jingle.bells.jingle.bells (82.133.91.91)  149.405 ms  147.309 ms  149.885 ms
71  Jingle.all.the.way (82.133.91.81)  147.528 ms  152.163 ms  162.643 ms
72  Oh.what.fun.it.is.to.ride (82.133.91.21)  148.221 ms  148.672 ms  155.447 ms
73  In.a.one-horse.open.sleigh (82.133.91.30)  145.895 ms  150.218 ms  150.723 ms
74  Jingle.bells.jingle.bells (82.133.91.59)  157.465 ms  157.238 ms  148.593 ms
75  Jingle.all.the.way (82.133.91.32)  149.462 ms  148.965 ms  150.207 ms
76  Oh.what.fun.it.is.to.ride (82.133.91.74)  156.425 ms  153.923 ms  148.276 ms
77  In.a.one-horse.open.sleigh (82.133.91.87)  146.874 ms  156.538 ms  149.652 ms
78  M-E-R-R-Y--C-H-R-I-S-T-M-A-S (82.133.91.72)  145.625 ms  156.200 ms  146.071 ms
79  Have.yourself.a.merry.little.Christmas (82.133.91.90)  155.789 ms  147.145 ms  156.051 ms
80  Let.your.heart.be.light (82.133.91.47)  148.308 ms  153.645 ms  147.440 ms
81  From.now.on (82.133.91.12)  148.154 ms  146.651 ms  149.013 ms
82  our.troubles.will.be.out.of.sight (82.133.91.99)  155.112 ms  154.470 ms  155.005 ms
83  oOo (82.133.91.22)  148.033 ms  150.713 ms  150.175 ms
84  Have.yourself.a.merry.little.Christmas (82.133.91.68)  148.183 ms  163.155 ms  155.142 ms
85  Make.the.Yule-tide.gay (82.133.91.52)  146.391 ms  144.659 ms  147.140 ms
86  From.now.on (82.133.91.66)  145.505 ms  146.407 ms  145.916 ms
87  our.troubles.will.be.miles.away (82.133.91.54)  148.138 ms  146.840 ms  153.899 ms
88  oOo (82.133.91.93)  162.987 ms  147.289 ms  156.463 ms
89  Here.we.are.as.in.olden.days (82.133.91.25)  156.433 ms  147.995 ms  157.982 ms
90  Happy.golden.days.of.yore (82.133.91.89)  155.275 ms  149.958 ms  155.338 ms
91  Faithful.friends.who.are.dear.to.us (82.133.91.46)  153.740 ms  146.164 ms  147.598 ms
92  Gather.near.to.us.once.more (82.133.91.69)  156.085 ms  154.181 ms  146.960 ms
93  oOo (82.133.91.85)  154.229 ms  145.904 ms  154.842 ms
94  Through.the.years (82.133.91.39)  159.886 ms  158.502 ms  148.180 ms
95  We.all.will.be.together (82.133.91.33)  147.462 ms  147.589 ms  158.578 ms
96  If.the.Fates.allow (82.133.91.44)  145.665 ms  155.215 ms  149.548 ms
97  Hang.a.shining.star.upon.the.highest.bough (82.133.91.97)  156.918 ms  155.705 ms  163.390 ms
98  And.have.yourself.A.merry.little.Christmas.now (82.133.91.88)  155.173 ms  145.481 ms  153.135 ms
99  o.O (82.133.91.11)  156.867 ms  145.141 ms  156.870 ms
100  48.61.70.70.79.20.48.6f.6c.69.64.61.79.73.20.46.72.65.65.6e.6f.64.65.20.23.63.69.73.63.6f (82.133.91.51)  148.932 ms  155.109 ms  155.636 ms
101  oOoOoOoOoOoOoOoOoOoOoOo.MyssT.oOoOoOoOoOoOoOoOoOoOoOo (77.75.106.106)  155.663 ms  150.728 ms  150.342 ms

RAT Bastard

Earlier this week, several servers I maintain were targeted by automated attempts to upload a remote access trojan (RAT). The RAT is a simpl...