The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

parked domains, exposed?

Discussion in 'General Discussion' started by Kent Brockman, Feb 4, 2009.

  1. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi there people, I want to ask some answers about something really strange happening in our box. We are hosting several domains, some of them are private ones and have not an index page (they are used for enterprise online backups), therefore, and taking in account that they are .com.ar, nobody can know that they even exist, ok?
    And the other hand, some other domains have parked domain names that also nobody knows they do exist, right?
    Well, despite of this, we have mod_security alerts reporting that "Request Indicates an automated program explored the site", and the recursive point of origin of these requests is in Korea (.KR). How did they (koreans) know about the existence of this domains that nobody is meant to know about?
    This box have cPanel 11.24.4-S33345 - WHM 11.24.2 - X 3.9, CENTOS 4.6 i686 on virtuozzo. We do use CSF firewall in a very strict way.

    There is anything about Bind that we should know? anything that could reveal the domain names hosted in a given webserver? If the domains were .com I understand that there are public registries revealing how many and which domains are associated to any given IP, but that info is not available publicly for .com.ar domain names.

    May anybody bring an explanation?
    Thanks
     
  2. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    hellooo
    nobody knows?
     
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If it's on the Internet, consider it public.

    If you want some form of protection, password protect the access.
     
  4. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Nop, you didn't get the point. For .com.ar domains there is not a public way to know how many and which domains are under the same dns. So, if nobody can know about the existence of a given domain, how can a third party guess its domain name? May be anything in the way dns or bind works that may allow them to obtain a query to know what domain names are working here?
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  6. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Whoa, the domaintools' reverse IP service worked fine showing some of the domains I reported. Domaintools reported 38 of the really 143 domains allocated, what stopped them from showing the whole scenario?
    It is a paid service, so spammers shall be doing good money to afford that or... have their own reverse IP systems. Is there any way I can block those dns queries or simply one cannot distinguish between genuine queries and bad ones?
     
Loading...

Share This Page