FW: [LINK] unlawful interception of internet traffic?

Adam Todd link at todd.inoz.com
Fri Dec 8 10:54:14 AEDT 2006

At 09:00 AM 8/12/2006, Daniel Rose wrote:
> >
> > > To test ... if you set your DNS lookup to come from elsewhere
> > > (avoiding using the ISP's DNS resolvers) .. do you now get
> > the correct results?
> >
> > yes.  i've already tried this.
>Craig, does this mean "yes other DNS servers work fine, I already tried
>this" or does it mean "Yes I tried this and it's still broken".
>If the latter, this implies that UDP:53 DNS packets outbound to a third
>party are not only held undelivered by the ISP, but that the ISP is
>replying on behalf of the other server.  A question arises; what's the
>source IP address in the UDP packet containing the DNS response?  Is the
>ISP spoofing, and pretending to actually BE the external server, or is
>your host accepting responses and ignoring the source address? I would
>hope that typically DNS responses with the wrong source IP are not
>honoured by the client, but I'm not completely sure.

Not entirely true.  You can send a DNS request to my advertised servers and 
get a DNS reply from another server with authority on my network.  It all 
depends on what is requested.

It's VERY rare that a reply will be sent from an IP address that is not the 
original Destination, but I have noticed it does happen under some 
circumstances with some of the domain names I host in special configurations.

Forwarding requests are always replied by the forwarder.
