FW: [LINK] unlawful interception of internet traffic?
Daniel Rose
drose at nla.gov.au
Fri Dec 8 09:00:23 AEDT 2006
<SNIP>
>
> > To test ... if you set your DNS lookup to come from elsehwere
> > (avoiding using the ISP's DNS resolvers) .. do you now get
> the correct results?
>
> yes. i've already tried this.
Craig, does this mean "yes other DNS servers work fine, I already tried
this" or does it mean "Yes I tried this and it's still broken".
If the latter, this implies that UDP:53 DNS packets outbound to a third
party are not only held undelelivered by the ISP, but that the ISP is
replying on behalf of the other server. A question arises; what's the
source IP address in the UDP packet contaning the DNS response? Is the
ISP spoofing, and pretending to actually BE the external server, or is
your host accepting responses and ignoring the source address? I would
hope that typically DNS responses with the wrong source IP are not
honoured by the client, but I'm not completely sure.
More information about the Link
mailing list