Suspicious forum notifications/ website

Posted: 2016-09-03 02:21
by sunrat
I got an email notification of a topic reply which asked me to log in when I clicked the link. I did so and it took me to the forum. However, shortly afterward I noticed the actual address was shown as an IP address in the URL bar, not "forums.debian.net" as usual. Is this suspicious?
The address is http://217.196.43.138/viewtopic.php?f=7&t=12131.... etc.

It resolves to
IP Address : 217.196.43.138
Location : Netherlands (95% accuracy)
Host Name : tartini.debian.net
whereas debian.net is
Host Name : debian.net
IP Address : 5.153.231.4 and 128.31.0.62 and 130.89.148.14 and 140.211.15.34 and 149.20.20.22
Location : United States
I guess it's just a mirror but just wondering why it doesn't resolve the IP address. Another topic notification email I got at the same time resolved normally.

Re: Suspicious forum notifications/ website

Posted: 2016-09-03 02:47
by GarryRicketson
I got an email notification of a topic reply which asked me to log in when I clicked the link. I did so and it took me to the forum.
I hope you didn't log in?


Well, one thing: there have been no replies since 2007:

Postby ghostdawg » 2007-02-09 06:37
Here is the real thread on this forum :
http://forums.debian.net/viewtopic.php?f=5&t=12131
And there have been no recent posts to it.
Is this suspicious?
To me it is, but maybe some of the forum admins know more about this.

Re: Suspicious forum notifications/ website

Posted: 2016-09-03 03:09
by dasein
sunrat wrote:Is this suspicious?
Nope. That's the correct IP address.

Code:

$ dig forums.debian.net

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> forums.debian.net
[snip]

;; ANSWER SECTION:
forums.debian.net.      3246    IN      A       217.196.43.138
The forums are hosted on their own server, whose name is indeed tartini (and has been for as long as I can remember):

Code:

$ dig  -x 217.196.43.138

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -x 217.196.43.138
[snip]
;; ANSWER SECTION:
138.43.196.217.in-addr.arpa. 27703 IN   PTR     tartini.debian.net.
I'm not 100% sure of the country in which tartini resides, though I have a very strong recollection of it being somewhere in the general area of northwest Europe.

Good catch, though. :cool: Better safe, and all that.

Edit: Downgraded what sounded like firsthand knowledge to something slightly less certain.
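
The forward and reverse lookups in the post above can be turned into a repeatable check on a link's host. This is an added example, not part of dasein's post; `check_link` and its verdict words are hypothetical, and the two answer lines are the ones quoted in the thread.

```shell
#!/bin/sh
# Answer lines copied from the dig output quoted in the thread. Live use would be:
#   FWD=$(dig +noall +answer forums.debian.net A)
#   REV=$(dig +noall +answer -x 217.196.43.138)
FWD='forums.debian.net.      3246    IN      A       217.196.43.138'
REV='138.43.196.217.in-addr.arpa. 27703 IN   PTR     tartini.debian.net.'

# url_host URL: print the host part, without scheme, path, userinfo or port.
url_host() {
    h=${1#*://}
    h=${h%%/*}
    h=${h%%\?*}
    h=${h##*@}
    printf '%s\n' "${h%%:*}"
}

# rr_values OWNER TYPE: read dig answer lines on stdin, print matching rdata
# with any trailing dot removed.
rr_values() {
    awk -v o="$1." -v t="$2" \
        '$1 == o && $3 == "IN" && $4 == t { sub(/\.$/, "", $5); print $5 }'
}

# check_link URL EXPECTED_HOST TRUSTED_DOMAIN (hypothetical helper)
# Prints one verdict word; returns 0 only when the link host is acceptable.
check_link() {
    host=$(url_host "$1")
    case $host in
        *[!0-9.]*)   # a hostname: it must be exactly the expected one
            if [ "$host" = "$2" ]; then echo name-ok; return 0; fi
            echo name-mismatch; return 1 ;;
    esac
    # A raw IPv4 address: it must be among the A records of the expected name.
    if ! printf '%s\n' "$FWD" | rr_values "$2" A | grep -qxF "$host"; then
        echo ip-mismatch; return 1
    fi
    # The PTR is set by whoever controls the address block, so it is only
    # supporting evidence; report whether it falls under the trusted domain.
    rev=$(printf '%s\n' "$host" | awk -F. '{ print $4"."$3"."$2"."$1".in-addr.arpa" }')
    ptr=$(printf '%s\n' "$REV" | rr_values "$rev" PTR)
    case $ptr in
        *".$3") echo ip-ok-ptr-ok ;;
        *)      echo ip-ok-ptr-other ;;
    esac
    return 0
}
```

The forward A record is the authoritative half of the check; a matching PTR alone would not show that an address belongs to the forum.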

Re: Suspicious forum notifications/ website

Posted: 2016-09-03 04:34
by sunrat
dasein wrote: I'm not 100% sure of the country in which tartini resides, though I know it's somewhere in the general area of northwest Europe.
whois says Netherlands
Good catch, though. :cool: Better safe, and all that.
I thought it was probably legit after doing lookups, but worth a mention. Wondering more why it didn't resolve to hostname as it always had in the past.

Re: Suspicious forum notifications/ website

Posted: 2016-09-03 06:02
by dasein
sunrat wrote:I thought it was probably legit after doing lookups, but worth a mention.
Absolutely.
sunrat wrote:Wondering more why it didn't resolve to hostname as it always had in the past.
DNS gremlins, mebbe. Or possible browser bug. Invisible Pink Unicorns possible, but unproved.