Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > DNS server question...

Reply
Thread Tools

DNS server question...

 
 
R Green - WoWsat.com
Guest
Posts: n/a
 
      01-27-2004
Recently, my ISP is having DNS caching problems and I had to point
my router to another DNS server (instead of using my ISP's).. my question is
this as I'm not familiar with DNS server configurations:

Can info be extracted from that DNS server that I am pointing to temporarily
(ie. passwords, http queries, pop accounts, etc?) by someone in control of
that DNS server?

--
R Green
Tech Support
----------------------
WoWsat.com
----------------------


 
Reply With Quote
 
 
 
 
Will Dormann
Guest
Posts: n/a
 
      01-27-2004
R Green - WoWsat.com wrote:

> Recently, my ISP is having DNS caching problems and I had to point
> my router to another DNS server (instead of using my ISP's).. my question is
> this as I'm not familiar with DNS server configurations:
>
> Can info be extracted from that DNS server that I am pointing to temporarily
> (ie. passwords, http queries, pop accounts, etc?) by someone in control of
> that DNS server?
>



How would passwords, http quesries, pop accounts be sent to the DNS
server? Your machine asks the dns server what IP a particular name is
(or vice-versa), and the dns server replies. That's it.


-WD
 
Reply With Quote
 
 
 
 
Rowdy Yates
Guest
Posts: n/a
 
      01-28-2004
DNS just translates ip --> hostname and vice verse. does not do anything
else. what can happen is dsn poisoning.

for example. your web site is www.green.com and your ip is 123.123.123.123
someone can copy your entire web site on another server, give it ip
321.321.321.321 and put a fake entry in the DSN to send people going to
www.green.com from your server the the fake server. then any password, user
name e.t.c.. people type will be captured by the malicious party on their
servers.


"R Green - WoWsat.com" <[news]@wowsat.com> wrote in
news:veCRb.19281$P51.15632@clgrps12:

> Recently, my ISP is having DNS caching problems and I had to point
> my router to another DNS server (instead of using my ISP's).. my
> question is this as I'm not familiar with DNS server configurations:
>
> Can info be extracted from that DNS server that I am pointing to
> temporarily (ie. passwords, http queries, pop accounts, etc?) by
> someone in control of that DNS server?
>




--
Rowdy Yates
I am Against-TCPA
http://www.againsttcpa.com
 
Reply With Quote
 
me
Guest
Posts: n/a
 
      01-28-2004
Will Dormann wrote:

> R Green - WoWsat.com wrote:
>
>> Recently, my ISP is having DNS caching problems and I had to point
>> my router to another DNS server (instead of using my ISP's).. my question
>> is this as I'm not familiar with DNS server configurations:
>>
>> Can info be extracted from that DNS server that I am pointing to
>> temporarily (ie. passwords, http queries, pop accounts, etc?) by someone
>> in control of that DNS server?
>>

>
>
> How would passwords, http quesries, pop accounts be sent to the DNS
> server? Your machine asks the dns server what IP a particular name is
> (or vice-versa), and the dns server replies. That's it.


If the DNS server is a compromised one and the services used require a DNS
server to resolve the hostname, then that isn't too hard to do. The
malicious server would just have to have dns records pointing any domain
that is attempted to be resolved to whatever IP they feel like and then run
a fake service on each port for each service they want to capture something
on and then capture the password(s) for that service, which would work
quite well for various protocols that pass passwords around in plain text
such as regular POP3 that sends plain text passwords across the connection
in the clear. So, if you can't trust the DNS server, it is a good idea to
not use it at all.
 
Reply With Quote
 
Steve Smith
Guest
Posts: n/a
 
      02-01-2004
I also have DNS server questions. I recently had problems connecting to the net and I was able to ping IP addresses but not domain names. This showed the problem was with DNS. I pinged the DNS servers and the "Request timed out". The ISP had provided static IP addresses and DNS server IPs which had been entered manually. I was successful in pinging a third DNS server IP address and when I tried this one, my Internet connection worked fine. Is it correct to assume that if you can't ping the IP address of a DNS server, then it's not going to work? Is there a better utility besides Ping for trouble shooting DNS servers? I'm also wondering if it's possible to use another ISP's DNS server?

Thanks,
Steve Smith

 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      02-01-2004
"Steve Smith" <(E-Mail Removed)> wrote in message
news:KeZSb.5298$gl2.3622@lakeread05...
> I also have DNS server questions. I recently had problems connecting to

the
> net and I was able to ping IP addresses but not domain names. This showed
> the problem was with DNS. I pinged the DNS servers and the "Request timed
> out". The ISP had provided static IP addresses and DNS server IPs which

had
> been entered manually. I was successful in pinging a third DNS server IP
> address and when I tried this one, my Internet connection worked fine. Is
> it correct to assume that if you can't ping the IP address of a DNS

server,
> then it's not going to work? Is there a better utility besides Ping for
> trouble shooting DNS servers? I'm also wondering if it's possible to use
> another ISP's DNS server?


nslookup. Not available with Win9x, but there are other tools that so the
same job and are readily available. Google is your friend..

Some ISPs (not all) allow you to use their DNSes.. remember that the longer
the time it takes to lookup an address, the longer everything else will
wait..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to configure win 2k3 DNS so it won't try to register it to dns roots? juska General Computer Support 1 11-12-2007 06:15 PM
PIX 501 relay client DNS requests out to an internet DNS server? nicough@gmail.com Cisco 1 11-18-2006 03:29 PM
DNS query to internal DNS server from static NAT host none Cisco 5 04-25-2006 03:11 AM
DNS query from outside to internal, public DNS server Lars Bonnesen Cisco 9 04-08-2006 11:16 AM
DNS question - reverse DNS getting cluttered Jose Padilla Computer Support 0 01-21-2004 10:29 PM



Advertisments