Jump to content

Domain name resolution...

Guest Andrew Meador

By Guest Andrew Meador
in Windows 2003 Server

 Share

Recommended Posts

Guest Andrew Meador

Guest Andrew Meador

Posted
Posted

Please do not follow this link, or do so at your own risk - if it

even works!

 

I got an e-mail that I suspect is linking me back to a boggus

PayPal site. The link is:

 

htp://1422718346:82/cmd_home/index.php

 

I changed http to htp so this would not create an active link. But

will this resolve? Can this work as a dns/domain name? I've never seen

a domain name like that before and wonder if there is something new

being done in domain name resolution, or if I missed something and

this has always been able to be done.

 

I know this is an odd place to post this, but I figured server

admins with DNS expertise would know. I didn't follow the link, maybe

it works, maybe it doesn't, but I don't trust that this is a

legititmate PayPal site and didn't want to activate some web-virus or

something.

 

Anyway, if this does work for a domain name, how? Thanks!

  • Replies 7
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Harry Bates

Guest Harry Bates

Posted
Posted

Re: Domain name resolution...

 

I dont know what you are asking, but I can tell you thet the http is a

protcol, not a domain name. "htp" is not a valid protocol so that will not

work. Second, the domain name will not work whatsoever because it is not

valid. If that was suppose to be an IP address you would nee a dot between

quadrents. I still have no idea what you are trying to do, why not just

delete the email and bbe done with it?

 

"Andrew Meador" <ameador1@hotmail.com> wrote in message

news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

> Please do not follow this link, or do so at your own risk - if it

> even works!

>

> I got an e-mail that I suspect is linking me back to a boggus

> PayPal site. The link is:

>

> htp://1422718346:82/cmd_home/index.php

>

> I changed http to htp so this would not create an active link. But

> will this resolve? Can this work as a dns/domain name? I've never seen

> a domain name like that before and wonder if there is something new

> being done in domain name resolution, or if I missed something and

> this has always been able to be done.

>

> I know this is an odd place to post this, but I figured server

> admins with DNS expertise would know. I didn't follow the link, maybe

> it works, maybe it doesn't, but I don't trust that this is a

> legititmate PayPal site and didn't want to activate some web-virus or

> something.

>

> Anyway, if this does work for a domain name, how? Thanks!

>

Guest Osman Shener

Guest Osman Shener

Posted
Posted

Re: Domain name resolution...

 

Decimal Hexadecimal Four Octets (Convert Hex to Dec.s like

54 = 5*16+4 , (C=12) 12*16+12=204....)

1422718346 is 54 CC F5 8A > 84.204.245.138

 

 

Osman Shener

 

"Andrew Meador" <ameador1@hotmail.com> wrote in message

news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

> Please do not follow this link, or do so at your own risk - if it

> even works!

>

> I got an e-mail that I suspect is linking me back to a boggus

> PayPal site. The link is:

>

> htp://1422718346:82/cmd_home/index.php

>

> I changed http to htp so this would not create an active link. But

> will this resolve? Can this work as a dns/domain name? I've never seen

> a domain name like that before and wonder if there is something new

> being done in domain name resolution, or if I missed something and

> this has always been able to be done.

>

> I know this is an odd place to post this, but I figured server

> admins with DNS expertise would know. I didn't follow the link, maybe

> it works, maybe it doesn't, but I don't trust that this is a

> legititmate PayPal site and didn't want to activate some web-virus or

> something.

>

> Anyway, if this does work for a domain name, how? Thanks!

>

Guest Andrew Meador

Guest Andrew Meador

Posted
Posted

Re: Domain name resolution...

 

On Jan 14, 11:33 am, "Osman Shener" <oshe...@hotmail.com> wrote:

> Decimal            Hexadecimal      Four Octets (Convert Hex to Dec.s like

> 54 = 5*16+4 , (C=12) 12*16+12=204....)

> 1422718346 is 54 CC F5 8A > 84.204.245.138

>

> Osman Shener

>

> "Andrew Meador" <amead...@hotmail.com> wrote in message

>

> news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

>

>

>

> >   Please do not follow this link, or do so at your own risk - if it

> > even works!

>

> >   I got an e-mail that I suspect is linking me back to a boggus

> > PayPal site. The link is:

>

> >      htp://1422718346:82/cmd_home/index.php

>

> >   I changed http to htp so this would not create an active link. But

> > will this resolve? Can this work as a dns/domain name? I've never seen

> > a domain name like that before and wonder if there is something new

> > being done in domain name resolution, or if I missed something and

> > this has always been able to be done.

>

> >   I know this is an odd place to post this, but I figured server

> > admins with DNS expertise would know. I didn't follow the link, maybe

> > it works, maybe it doesn't, but I don't trust that this is a

> > legititmate PayPal site and didn't want to activate some web-virus or

> > something.

>

> >   Anyway, if this does work for a domain name, how? Thanks!- Hide quoted text -

>

> - Show quoted text -

 

So, this is standard? IE, DNS system, or something else, converts

the decimal number to hex, then uses the octets for the IP address.

What does this conversion? IE, DNS, TCP/IP stack, etc...? Would this

work in any browser? This seems sneaky - well, how this is being used

in this case, ecpecially with the port 82 modification. It's annoying

that people go to such lengths to cause trouble.

 

Thanks!

Guest Andrew Meador

Guest Andrew Meador

Posted
Posted

Re: Domain name resolution...

 

On Jan 14, 11:10 am, "Harry Bates" <harry.ba...@NO-SPAMlmco.com>

wrote:

> I dont know what you are asking, but I can tell you thet the http is a

> protcol, not a domain name. "htp" is not a valid protocol so that will not

> work. Second, the domain name will not work whatsoever because it is not

> valid. If that was suppose to be an IP address you would nee a dot between

> quadrents. I still have no  idea what you are trying to do, why not just

> delete the email and bbe done with it?

>

> "Andrew Meador" <amead...@hotmail.com> wrote in message

>

> news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

>

>

>

> >   Please do not follow this link, or do so at your own risk - if it

> > even works!

>

> >   I got an e-mail that I suspect is linking me back to a boggus

> > PayPal site. The link is:

>

> >      htp://1422718346:82/cmd_home/index.php

>

> >   I changed http to htp so this would not create an active link. But

> > will this resolve? Can this work as a dns/domain name? I've never seen

> > a domain name like that before and wonder if there is something new

> > being done in domain name resolution, or if I missed something and

> > this has always been able to be done.

>

> >   I know this is an odd place to post this, but I figured server

> > admins with DNS expertise would know. I didn't follow the link, maybe

> > it works, maybe it doesn't, but I don't trust that this is a

> > legititmate PayPal site and didn't want to activate some web-virus or

> > something.

>

> >   Anyway, if this does work for a domain name, how? Thanks!- Hide quoted text -

>

> - Show quoted text -

 

One, read my email. I said I changed "http" to "htp" so this would

not show up in your newsreader software as a hyperlink; so as to make

it harder to "accidentally" follow the link - as I suspect it is

potentially malicious. Two, I know that http is a protocol and htp is

not (thus my intentional name change to break the auto-hyperlinking

function that many newsreader softwares out there may have applied to

it. Third, this is not the point of my post, the domain name part of

the post is my focus. As Osman Shener explained, this IS a valid web

link, as the number is converted to hex and then the octets of the hex

version of the number are used as the IP. Fourth, I could have simply

deleted it and could have just gone about my mary way, but now thanks

to Osman Shener, I know another little piece of information about how

something I work with - works. I find knowledge to be a useful thing.

Guest Harry Bates

Guest Harry Bates

Posted
Posted

Re: Domain name resolution...

 

To answer some of your post, this has nothing to do with DNS. DNS is domain

name service, and since you just clarified what you were asking, DNS does

not come into play. Therefor your question did not make sense to me, and the

link would be invalid because there is no valid root listed. I am behind a

firewall at the moment but will a browser actually open this link? I'd have

to try when I get home on my test bed. I also did not understand your post

completely, which is why I stated "I don't know what you are asking". Maybe

that question could have clued you in that I needed more information, but

guess not. Glad you got your answer.

 

"Andrew Meador" <ameador1@hotmail.com> wrote in message

news:f685772b-b3c9-4811-87bc-0e04d4944209@v29g2000hsf.googlegroups.com...

On Jan 14, 11:10 am, "Harry Bates" <harry.ba...@NO-SPAMlmco.com>

wrote:

> I dont know what you are asking, but I can tell you thet the http is a

> protcol, not a domain name. "htp" is not a valid protocol so that will not

> work. Second, the domain name will not work whatsoever because it is not

> valid. If that was suppose to be an IP address you would nee a dot between

> quadrents. I still have no idea what you are trying to do, why not just

> delete the email and bbe done with it?

>

> "Andrew Meador" <amead...@hotmail.com> wrote in message

>

> news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

>

>

>

> > Please do not follow this link, or do so at your own risk - if it

> > even works!

>

> > I got an e-mail that I suspect is linking me back to a boggus

> > PayPal site. The link is:

>

> > htp://1422718346:82/cmd_home/index.php

>

> > I changed http to htp so this would not create an active link. But

> > will this resolve? Can this work as a dns/domain name? I've never seen

> > a domain name like that before and wonder if there is something new

> > being done in domain name resolution, or if I missed something and

> > this has always been able to be done.

>

> > I know this is an odd place to post this, but I figured server

> > admins with DNS expertise would know. I didn't follow the link, maybe

> > it works, maybe it doesn't, but I don't trust that this is a

> > legititmate PayPal site and didn't want to activate some web-virus or

> > something.

>

> > Anyway, if this does work for a domain name, how? Thanks!- Hide quoted

> > text -

>

> - Show quoted text -

 

One, read my email. I said I changed "http" to "htp" so this would

not show up in your newsreader software as a hyperlink; so as to make

it harder to "accidentally" follow the link - as I suspect it is

potentially malicious. Two, I know that http is a protocol and htp is

not (thus my intentional name change to break the auto-hyperlinking

function that many newsreader softwares out there may have applied to

it. Third, this is not the point of my post, the domain name part of

the post is my focus. As Osman Shener explained, this IS a valid web

link, as the number is converted to hex and then the octets of the hex

version of the number are used as the IP. Fourth, I could have simply

deleted it and could have just gone about my mary way, but now thanks

to Osman Shener, I know another little piece of information about how

something I work with - works. I find knowledge to be a useful thing.

Guest Ryan

Guest Ryan

Posted
Posted

Re: Domain name resolution...

 

On Jan 14, 10:03 am, Andrew Meador <amead...@hotmail.com> wrote:

>    Please do not follow this link, or do so at your own risk - if it

> even works!

>

>    I got an e-mail that I suspect is linking me back to a boggus

> PayPal site. The link is:

>

>       htp://1422718346:82/cmd_home/index.php

>

>    I changed http to htp so this would not create an active link. But

> will this resolve? Can this work as a dns/domain name? I've never seen

> a domain name like that before and wonder if there is something new

> being done in domain name resolution, or if I missed something and

> this has always been able to be done.

>

>    I know this is an odd place to post this, but I figured server

> admins with DNS expertise would know. I didn't follow the link, maybe

> it works, maybe it doesn't, but I don't trust that this is a

> legititmate PayPal site and didn't want to activate some web-virus or

> something.

>

>    Anyway, if this does work for a domain name, how? Thanks!

 

An IP address is basically a 32 bit number which can be represented in

different ways, including the integer representation in the e-mail you

received. The more familiar "dotted quad" notation is usually easier

for humans to read and makes subnet boundaries easier to identify.

Spammers probably use integer representations of IP addresses since

browsers recognize it and it obfuscates what is going on behind the

scenes.

 

Osman's conversion to Hex makes conversion to the dotted quad format

fairly straightforward. You could also use binary, but that gets long

since you'll have up to 32 1's and 0's. Most other other numerical

bases will be unwieldy for this type of conversion, in my opinion.

 

-ryan

Guest Harry Bates

Guest Harry Bates

Posted
Posted

Re: Domain name resolution...

 

Just tried it and a browser does convert it correctly.

 

"Harry Bates" <harry.bates@NO-SPAMlmco.com> wrote in message

news:%23K6UMEuVIHA.536@TK2MSFTNGP06.phx.gbl...

> To answer some of your post, this has nothing to do with DNS. DNS is

> domain name service, and since you just clarified what you were asking,

> DNS does not come into play. Therefor your question did not make sense to

> me, and the link would be invalid because there is no valid root listed. I

> am behind a firewall at the moment but will a browser actually open this

> link? I'd have to try when I get home on my test bed. I also did not

> understand your post completely, which is why I stated "I don't know what

> you are asking". Maybe that question could have clued you in that I needed

> more information, but guess not. Glad you got your answer.

>

> "Andrew Meador" <ameador1@hotmail.com> wrote in message

> news:f685772b-b3c9-4811-87bc-0e04d4944209@v29g2000hsf.googlegroups.com...

> On Jan 14, 11:10 am, "Harry Bates" <harry.ba...@NO-SPAMlmco.com>

> wrote:

>> I dont know what you are asking, but I can tell you thet the http is a

>> protcol, not a domain name. "htp" is not a valid protocol so that will

>> not

>> work. Second, the domain name will not work whatsoever because it is not

>> valid. If that was suppose to be an IP address you would nee a dot

>> between

>> quadrents. I still have no idea what you are trying to do, why not just

>> delete the email and bbe done with it?

>>

>> "Andrew Meador" <amead...@hotmail.com> wrote in message

>>

>> news:e944bd23-ba82-4a89-81ca-dc708b8193b2@f47g2000hsd.googlegroups.com...

>>

>>

>>

>> > Please do not follow this link, or do so at your own risk - if it

>> > even works!

>>

>> > I got an e-mail that I suspect is linking me back to a boggus

>> > PayPal site. The link is:

>>

>> > htp://1422718346:82/cmd_home/index.php

>>

>> > I changed http to htp so this would not create an active link. But

>> > will this resolve? Can this work as a dns/domain name? I've never seen

>> > a domain name like that before and wonder if there is something new

>> > being done in domain name resolution, or if I missed something and

>> > this has always been able to be done.

>>

>> > I know this is an odd place to post this, but I figured server

>> > admins with DNS expertise would know. I didn't follow the link, maybe

>> > it works, maybe it doesn't, but I don't trust that this is a

>> > legititmate PayPal site and didn't want to activate some web-virus or

>> > something.

>>

>> > Anyway, if this does work for a domain name, how? Thanks!- Hide quoted

>> > text -

>>

>> - Show quoted text -

>

> One, read my email. I said I changed "http" to "htp" so this would

> not show up in your newsreader software as a hyperlink; so as to make

> it harder to "accidentally" follow the link - as I suspect it is

> potentially malicious. Two, I know that http is a protocol and htp is

> not (thus my intentional name change to break the auto-hyperlinking

> function that many newsreader softwares out there may have applied to

> it. Third, this is not the point of my post, the domain name part of

> the post is my focus. As Osman Shener explained, this IS a valid web

> link, as the number is converted to hex and then the octets of the hex

> version of the number are used as the IP. Fourth, I could have simply

> deleted it and could have just gone about my mary way, but now thanks

> to Osman Shener, I know another little piece of information about how

> something I work with - works. I find knowledge to be a useful thing.

>

 Share
Go to topic listing
×
×
  • Create New...