[dns-operations] [hello at axfrcheck.com: AXFR Securit - alert - XXXXXX.fr]
Dave Warren
davew at hireahit.com
Mon May 30 00:14:06 UTC 2016
On 2016-05-29 02:35, Stephane Bortzmeyer wrote:
> We received this since, apparently, they send email to every email
> address in the changed: attribute of the whois output :-( (I'm not
> involved in the management of this domain name.)
>
> Does anyone know these people who spread FUD about AXFR-enabled
> domains?
>
> ----- Forwarded message from AXFR Check Team <hello at axfrcheck.com> -----
>
<...>
> 4. https://hu.linkedin.com/in/zvigh
>
Dear Zoltan,
My crack team of crack researchers have found some critical security
issues in your social media profile configurations. These misconfigured
profiles are very vulnerable and can cause your Personal Information
including but not limited to your name, occupation, geographical
location, timezone, and various biometric data open to the public at large.
Here are some potentially affected URLs:
https://hu.linkedin.com/in/zvigh
https://twitter.com/ptzool
Number of affected idiots:
A team of at least 1
About the HTTP protocol and related services:
https://tools.ietf.org/html/rfc2616
https://tools.ietf.org/html/rfc2818
https://www.linkedin.com/about-us
https://about.twitter.com/
You can fix this problem by sticking to shoddy PHP programming and
limiting your commentary on intentionally publicly available DNS
information being made available publicly.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
More information about the dns-operations
mailing list