FW: [LINK] unlawful interception of internet traffic?
Adam Todd
link at todd.inoz.com
Fri Dec 8 10:54:14 AEDT 2006
At 09:00 AM 8/12/2006, Daniel Rose wrote:
><SNIP>
>
>
> >
> > > To test ... if you set your DNS lookup to come from elsewhere
> > > (avoiding using the ISP's DNS resolvers) .. do you now get
> > the correct results?
> >
> > yes. i've already tried this.
>
>
>Craig, does this mean "yes other DNS servers work fine, I already tried
>this" or does it mean "Yes I tried this and it's still broken".
>
>If the latter, this implies that UDP:53 DNS packets outbound to a third
>party are not only held undelivered by the ISP, but that the ISP is
>replying on behalf of the other server. A question arises; what's the
>source IP address in the UDP packet containing the DNS response? Is the
>ISP spoofing, and pretending to actually BE the external server, or is
>your host accepting responses and ignoring the source address? I would
>hope that typically DNS responses with the wrong source IP are not
>honoured by the client, but I'm not completely sure.

Not entirely true. You can send a DNS request to my advertised servers and
get a DNS reply from another server with authority on my network. It all
depends on what is requested.

It's VERY rare that a reply will be sent from an IP address that is not the
original Destination, but I have noticed it does happen under some
circumstances with some of the domain names I host in special configurations.

Forwarding requests are always replied to by the forwarder.

>_______________________________________________
>Link mailing list
>Link at mailman.anu.edu.au
>http://mailman.anu.edu.au/mailman/listinfo/link
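
The reply-matching question raised in this message, as an added example that is not part of the original post: a sketch of the checks a client can apply to a UDP DNS reply (source address and port, transaction ID, echoed question). The function names and the sample addresses are constructed for illustration.

```python
import struct

def build_query(txid, name, qtype=1):
    """Encode a minimal one-question DNS query (RD set, class IN)."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def question_section(msg):
    """Raw QNAME+QTYPE+QCLASS of a one-question message, or None if malformed."""
    i = 12
    while i < len(msg) and msg[i] != 0:
        if msg[i] > 63:          # compression pointer / reserved label type
            return None
        i += msg[i] + 1
    return msg[12:i + 5] if i + 5 <= len(msg) else None

def check_response(sent_to, query, received_from, response):
    """Return reasons to discard the datagram; an empty list means it matches."""
    problems = []
    if received_from != sent_to:
        problems.append("source address/port differs from query destination")
    if len(response) < 12:
        return problems + ["truncated header"]
    txid, flags, qdcount = struct.unpack("!HHH", response[:6])
    if not flags & 0x8000:
        problems.append("QR bit clear (not a response)")
    if txid != struct.unpack("!H", query[:2])[0]:
        problems.append("transaction ID mismatch")
    # Question compared byte-for-byte, which is stricter than case-insensitive.
    if qdcount != 1 or question_section(response) != question_section(query):
        problems.append("question section does not echo the query")
    return problems

# Constructed sample data (documentation address ranges, not from the thread).
THIRD_PARTY = ("203.0.113.53", 53)   # resolver the client chose
OTHER_HOST = ("192.0.2.1", 53)       # some other server answering instead
QUERY = build_query(0x1A2B, "example.com")
REPLY = QUERY[:2] + struct.pack("!H", 0x8180) + QUERY[4:]  # same question, QR set

if __name__ == "__main__":
    print(check_response(THIRD_PARTY, QUERY, THIRD_PARTY, REPLY))
    print(check_response(THIRD_PARTY, QUERY, OTHER_HOST, REPLY))
```

A reply that carries the third party's address as its source passes the address check, so these tests only separate the two cases in the quoted question when the answering host replies from its own address.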