1

I was preparing a new website on my cloud server and before changing the domain's pointing IP I decided to use telnet to make a quick test.

Since each site is a vhost I can use a different domain (which points to the same server) and I get a result like this:

$ telnet domain.example.com 80
Trying <server.ip>...
Connected to domain.example.com.
...

All good, but then I tried to connect to the IP directly:

$ telnet <server.ip> 80

And got an interesting response:

Trying <server.ip>...
Connected to <different-domain.com>.

Where is this unknown different-domain coming from? Is it a random thing? Does it mean I've got a security problem?

Daniel Ferradal
  • 2,415
  • 1
  • 8
  • 13
winck
  • 113
  • 5

1 Answers1

4

It just means that in the DNS this IP address has a PTR record pointing to different-domain.com. Do a dig -x <server.ip> and you will see the name. For HTTP traffic, that will not create any kind of problems (the situation would be different for emails). You do not have a security problem just from that configuration case.

Patrick Mevzek
  • 9,921
  • 7
  • 32
  • 43