Cox allowed recursive lookups and non-auth responses which opens their servers up to DNS cache poisoning.

You can use opendns.com - or another of the free DNS servers?

Just configure your network to allow only port 53 to/from that site. 

(503)754-4452 Blackberry || Obnosis.com || iCrossing.com



> Date: Thu, 14 Aug 2008 08:22:06 -0700
> From: plug@rwcinc.net
> To: plug-discuss@lists.plug.phoenix.az.us
> Subject: Re: DNS wierdness and cox communications
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The recent DNS fix forcing port randomization can also be a culprit.
>
> Matrix Mole wrote:
> | I'd say it's guaranteed cox. I'm having exact same problems and cox is
> | the only provider involved. I've a fried who lives about two streets
> | over from me, again having the same problems. Unfortunately, I've
> | called cox and they basically are telling me it's my computer (all 7
> | of them in my house) that are at fault, cause nothing on their network
> | could cause that behavior. When I mentioned to them that others I've
> | heard of were having these problems they were like "Oh, if that were
> | the case we'd have a lot more calls, and we don't" then they dismissed
> | me. I'm calling back tomorrow and going to talk to a manager and see
> | if maybe I can get someone to accept they've screwed something up in
> | their network and need to fix it.
> |
> | On Mon, Aug 11, 2008 at 4:56 AM, Technomage Hawke
> | <technomage.hawke@gmail.com> wrote:
> |> yeah... could be just my connection..... in diverse places on cox (and
> |> from what I see, also on qwest). someone suggested a possible routing
> |> issue as well (more than likely the case).
> |>
> |> one other possible thought, the root DNS servers may not be accepting
> |> connections from jus "anybody".
> |>
> |> ASU's DNS servers are actually located within the qwest ip space.
> |>
> |> I have tried other DNS servers with variable results. I might have to
> |> break out wireshark and see if I am getting connection resets on that
> |> port. and run some tests with my clients over this week.
> |>
> |> anyway, I don't have enough available info to call it as a cox or a
> |> qwest specific issue.
> |>
> |>
> |> On 8/10/08, James Mcphee <jmcphe@gmail.com> wrote:
> |>> If you're experiencing issues, then set up a job to query Cox and
> Qwest's
> |>> and whoever's DNS servers at the same time and log it. See if
> you're seeing
> |>> a trend. It could just be your connection.
> |>>
> |>>
> |>> On Sun, Aug 10, 2008 at 12:07 AM, Craig White <craigwhite@azapple.com>
> |>> wrote:
> |>>> On Sat, 2008-08-09 at 23:39 -0700, Technomage Hawke wrote:
> |>>>> Over the last few weeks, I have noticed an increasing number of
> |>>>> customer calls about network outages. Now on the surface, this might
> |>>>> not seem all that relevant, However, these issues are not just windows
> |>>>> centric.
> |>>>>
> |>>>> I have discovered a pattern to the outage problems I have been
> |>>>> troubleshooting. it seems that cox is filtering dns traffic to anyone
> |>>>> outside their own ip space. any attempt to use a DNS root server or
> |>>>> even the ASUdns servers results in many pages not being resolved. as
> |>>>> soon as I set for the cox dns servers, all seems to work again.
> |>>>>
> |>>>> anyone else noticing this "filtering" on cox's part?
> |>>> ----
> |>>> no - it makes no sense, you can always test your theory out at any time
> |>>> you want by running commands such as dig and host and if you really
> |>>> care, you could run your own caching dns server which would obviously
> |>>> need to access other dns servers to be worthwhile.
> |>>>
> |>>> Craig
> |>>>
> |>>>
> |>>>
> |>>>
> |>>> ---------------------------------------------------
> |>>> PLUG-discuss mailing list -
> |>> PLUG-discuss@lists.plug.phoenix.az.us
> |>>> To subscribe, unsubscribe, or to change your mail settings:
> |>>>
> |>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> |>>
> |>>
> |>> --
> |>> James McPhee
> |>> jmcphe@gmail.com
> |>>
> |>> ---------------------------------------------------
> |>> PLUG-discuss mailing list -
> |>> PLUG-discuss@lists.plug.phoenix.az.us
> |>> To subscribe, unsubscribe, or to change your mail settings:
> |>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> |>>
> |> ---------------------------------------------------
> |> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> |> To subscribe, unsubscribe, or to change your mail settings:
> |> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> |>
> | ---------------------------------------------------
> | PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> | To subscribe, unsubscribe, or to change your mail settings:
> | http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> |
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (Cygwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkikTZ4ACgkQIFnqWH4u/3OFPQCfYfh/ahJFU5+pZ0VaehSLAHtR
> QUoAnjs+nEV/eAS2h150Y5Fy1ALE70EZ
> =RMKX
> -----END PGP SIGNATURE-----
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


See what people are saying about Windows Live. Check out featured posts. Check It Out!