Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

parked domains, exposed?

Discussion in 'General Discussion' started by Kent Brockman, Feb 4, 2009.

  1. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,178
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi there people, I want to ask some answers about something really strange happening in our box. We are hosting several domains, some of them are private ones and have not an index page (they are used for enterprise online backups), therefore, and taking in account that they are .com.ar, nobody can know that they even exist, ok?
    And the other hand, some other domains have parked domain names that also nobody knows they do exist, right?
    Well, despite of this, we have mod_security alerts reporting that "Request Indicates an automated program explored the site", and the recursive point of origin of these requests is in Korea (.KR). How did they (koreans) know about the existence of this domains that nobody is meant to know about?
    This box have cPanel 11.24.4-S33345 - WHM 11.24.2 - X 3.9, CENTOS 4.6 i686 on virtuozzo. We do use CSF firewall in a very strict way.

    There is anything about Bind that we should know? anything that could reveal the domain names hosted in a given webserver? If the domains were .com I understand that there are public registries revealing how many and which domains are associated to any given IP, but that info is not available publicly for .com.ar domain names.

    May anybody bring an explanation?
    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,178
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    hellooo
    nobody knows?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,563
    Likes Received:
    42
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    If it's on the Internet, consider it public.

    If you want some form of protection, password protect the access.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,178
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Nop, you didn't get the point. For .com.ar domains there is not a public way to know how many and which domains are under the same dns. So, if nobody can know about the existence of a given domain, how can a third party guess its domain name? May be anything in the way dns or bind works that may allow them to obtain a query to know what domain names are working here?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,260
    Likes Received:
    390
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelKenneth likes this.
  6. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,178
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Whoa, the domaintools' reverse IP service worked fine showing some of the domains I reported. Domaintools reported 38 of the really 143 domains allocated, what stopped them from showing the whole scenario?
    It is a paid service, so spammers shall be doing good money to afford that or... have their own reverse IP systems. Is there any way I can block those dns queries or simply one cannot distinguish between genuine queries and bad ones?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice