FW: [LINK] unlawful interception of internet traffic?
Saliya Wimalaratne
saliya at hinet.net.au
Fri Dec 8 10:20:30 AEDT 2006
On Fri, Dec 08, 2006 at 09:00:23AM +1100, Daniel Rose wrote:
> <SNIP>
>
> If the latter, this implies that UDP:53 DNS packets outbound to a third
> party are not only held undelelivered by the ISP, but that the ISP is
> replying on behalf of the other server. A question arises; what's the
> source IP address in the UDP packet contaning the DNS response? Is the
> ISP spoofing, and pretending to actually BE the external server, or is
> your host accepting responses and ignoring the source address? I would
> hope that typically DNS responses with the wrong source IP are not
> honoured by the client, but I'm not completely sure.
Last time I looked (about 3 years ago), Windows <all tested flavours>
would, Mac OS X wouldn't, and various flavours of Linux wouldn't.
Not sure now...
Regards,
Saliya
More information about the Link
mailing list