[infowar.de] .mil WHOIS server is offline

[Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>]

Falls jemand Infos oder eine Meinung dazu hat: Bitte an die Liste sowie 
auf englisch an meinen alten Freund Jeff Porten aus Washington unter 
<http://jeffporten.com/2006/03/03/mil-whois-server-is-offline/#respond>.

RB

http://jeffporten.com/2006/03/03/mil-whois-server-is-offline/

March 3, 2006 2:32 pm

.mil WHOIS server is offline

This is an email I’m circulating on a few mailing lists, tracking down a 
weird problem I ran into today. If anyone knows more, please comment.

I’m doing some routine maintenance on our mail server and tracking back IP 
addresses with a database that queries various WHOIS servers. To my 
surprise, the .mil whois server at whois.nic.mil is offline — the domain 
itself doesn’t resolve any longer.

I spoke to the very nice customer support representative at the phone 
number I found on the web, who told me the following:

1) he wasn’t sure if this service was *ever* public. Which I find 
interesting, as it’s a coded flag in the whois man page.

2) he said I should refer all IPs I need to review directly to DoD CERT.

3) he said that he received many calls like this, and it’s “always” people 
spoofing the IP addresses of .mil computers. I mentioned that since I’m 
tracking spam flow, it’s likely to be someone with a legitimate .mil 
address and a compromised computer. He referred me again to CERT.

Anyway, this struck me as *very* odd, and I feel like I’m showing up in 
the middle of the story. Anyone know more about this?

---------------------------------------------------------------------
To unsubscribe, e-mail: infowar -
de-unsubscribe -!
- infopeace -
de
For additional commands, e-mail: infowar -
de-help -!
- infopeace -
de