ATTBI just changed DNS servers, but did they break prorocol to be friendly?

Chuck Young chy at genuity.com
Thu Nov 7 18:24:54 EST 2002


I also run an appliance.  Just browse to it and renew your external lease to
see the new servers and you are set.  My question is: how many of you got the
AT&T splash page saying you got there (the splash page) because you are doing
a static resolver thing and need to change your DNS settings?  How does that
work?

Let's see:

1) I send a UDP 53 packet to x.y.z.1 asking the address for some browser home
page like www.google.com

2) The x.y.z.1 host no longer functions as a DNS cache-box (or does it?)

3) Since it "does not cache or do recursive work" any more, instead of
dropping the packet, forcing a timeout and getting my host to drop through to
the next-in-line backup nameserver (which was valid in my host's case), does
it become authoritative for everything and redirect you to a nicely spoofed
server that tells you it's time to change your DNS settings?

The friendly DNS server?  Maybe I just have not met that protocol until today?

This is my guess.  Do you have one?

---------------
Chuck Young
Security Consulting
Genuity E-Services
--------------------

> -----Original Message-----
> From: discuss-admin at blu.org [mailto:discuss-admin at blu.org]On Behalf Of
> Jerry Feldman
> Sent: Thursday, November 07, 2002 5:02 PM
> To: discuss at blu.org
> Subject: ATTBI just changed DNS servers
>
>
> Can anyone let me know what DNS servers are currently in effect. My system
> uses a cable modem router so I can't easily get the correct DNS servers for
> my wife's system. I can log into my Linux system and change my resolv.conf.
> I can use name servers external to attbi, such as USDC. I'm just trying to
> get my wife up and running until I get home.
> --
> Jerry Feldman <gerald.feldman at hp.com>
> Enterprise Systems Group
> Hewlett-Packard Company
> 550 King Street MS LKG2A-X2
> Littleton, MA 01460-1250
> 978-506-5243 http://www.testdrive.hp.com/
>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss




More information about the Discuss mailing list