Hi Nick and List
Yes it's possible. The dud DNS response in some parts of the internet was
the public IP address being used by their proxy server. I'm not sure what
the proxy is, but it's a windows box. I was going to try to dig trace but
by then the poisoning suddenly stopped happening. Any othe
> Date: Wed, 3 Dec 2014 17:56:23 +0100
> From: bortzme...@nic.fr
> To: notify.s...@gmail.com
> Subject: Re: How to track DNS resolution sources
> CC: nanog@nanog.org
>
> On Wed, Dec 03, 2014 at 05:22:58PM +0100,
> Notify Me wrote
> a message of 13 lines which said
On Wed, Dec 03, 2014 at 11:32:08AM -0500,
TR Shaw wrote
a message of 20 lines which said:
> On the command line:
>
> host spoofed.host.name.com
Excuse me but it is useless. It tests only the local resolver (which
may be unpoisoned). It provides no details that could help to debug
the problem
On Wed, Dec 03, 2014 at 05:22:58PM +0100,
Notify Me wrote
a message of 13 lines which said:
> I hope I'm wording this correctly.
Not really :-)
> I had a incident at a client site where a DNS record was being
> spoofed.
How do you know? What steps did you use to assert this? Answers to
thes
On the command line:
host spoofed.host.name.com
On Dec 3, 2014, at 11:22 AM, Notify Me wrote:
> Hi!
>
> I hope I'm wording this correctly. I had a incident at a client site where
> a DNS record was being spoofed. How does one track down the IP address
> that's returning the false records ? Wh
Hi!
I hope I'm wording this correctly. I had a incident at a client site where
a DNS record was being spoofed. How does one track down the IP address
that's returning the false records ? What tool can one use?
Thanks!
--
Sent from MetroMail
6 matches
Mail list logo
