今天早上开始,不断有客户反映,网站打不开,非常纳闷,顺便ping了下域名,
发现个严重问题,所有无法访问的域名ping出的IP竟然都是: 218.30.64.194
很明显是DNS被劫持,但是这个IP究竟是哪里的??
到晚上为止还是很多域名ping得的IP是218.30.64.194 ,非常的郁闷,这使
得怀疑是否电信搞鬼,而已劫持用户IE? 于是,ping index.asp 竟然能得到IP!!
真是见鬼!!同样,常用的默认首页index.htm 也ping的通,而且ping的IP竟然都是
218.30.64.194 到这就很明白了,电信在用户访问网站时候,如果网站地址出错,或
没这个网站的时候就自动转到 218.30.64.194这个IP!
大家都有经历,使用电信ADSL访问一个网页,如果不存在或是出错就会自动被转到 http://keyword.vnet.cn/errhint.html?kw=域名地址 ,现在我们就来测试下:
先ping我客户站的域名:
C:\Documents and Settings\李程>ping www.med126.com
Pinging www.med126.com [218.30.64.194] with 32 bytes of data:
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=43ms TTL=119
Ping statistics for 218.30.64.194:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
再ping所谓的"index.asp"空首页!!!!!
C:\Documents and Settings\李程>ping index.asp
Pinging index.asp [218.30.64.194] with 32 bytes of data:
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=43ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Ping statistics for 218.30.64.194:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
再来看下电信的互联星空114页面:
C:\Documents and Settings\李程>ping keyword.vnet.cn
Pinging keyword.vnet.cn [218.30.64.194] with 32 bytes of data:
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=44ms TTL=119
Reply from 218.30.64.194: bytes=32 time=43ms TTL=119
Ping statistics for 218.30.64.194:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
到这真相已经大白!!!电信恶意强奸用户IE,劫持DNS!!目的只有一个,为他自己的 互联星空或是114页面上的广告刷访问!!! 真是变态!!!为了谋取自己的广告利润,就 这样强奸用户的电脑!!