MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
MICROSOFT.COM.IS.GOD.BECOUSE.UNIXSUCKS.COM
<Snip>And a dozen more examples</Snip>
Cute, huh? I'm guessing that the whois.internic.net server has been hacked?
Why the disparity between this and the regular internic lookup?
[edited by: Webwork at 12:55 pm (utc) on July 28, 2006]
[edit reason]
[1][edit reason] Tidying up [/edit] [/edit][/1]
Note that these are just "comments" and aren't doing any harm. Perhaps that's why they've (apparently) gone unnoticed for a while?
whois.internic.net will never give you actual WHOIS information, in any case. It just gives you a referral to the WHOIS server that has the actual data. Most WHOIS tools first look at whois.internic.net, and then look at the WHOIS server indicated there.
If, indeed, whois.internic.net has been compromised, that is major news. If somebody inserted comments into Microsoft's record, they probably could have changed the pointer to the authorative WHOIS server.
See this explanation from 2003:
[lists.grok.org.uk...]
Same thing happens for google.com and quite a few other domains.
