Re: Need Advice on Spyware Removal for Debian

Author: Kevin
Date:  
To: plug-discuss
Subject: Re: Need Advice on Spyware Removal for Debian
On Tue, 2004-11-30 at 12:17, Mark Phillips wrote:
> Since cox does not generate this page (or so they say), I started down a
> path that assumed they are not at fault. If their dns servers are flaky,
> then perhaps that is the cause of the problem after all?
Possible at least.

> Sorry to be a newbie - how do I find other name servers? I also think
> the name servers are contained in my Linksys router, which sits between
> my PC and the cable modem. BTW, I already tried removing the router and
> going straight to the cable modem, but I got hit by the same problem
> after a while of surfing.
Well, you showed us the /etc/hosts file from your Linux box that
contained three Cox DNS servers. I would bet that your Linksys box gets
a DHCP lease from Cox which includes the DNS servers they want you to
use (sometimes referred to as 'Scope Options'). When your Linux box
gets a lease from your Linksys box, those DNS servers are passed down.
That would be a typical home user setup.

Once your Linux box learns the DNS servers, it stores them in the file
/etc/resolv.conf. After that, your Linux box will do all name-to-IP
resolution by first checking /etc/hosts, and then querying the
nameservers listed in /etc/resolv.conf.

All you really need to do to test my theory of compromised DNS servers
at Cox is to change the contents of /etc/resolv.conf when you notice
your http sessions being hijacked. If you point to some other ISP's DNS
servers and the hijacking stops immediately, you know where the problem
is. If that turns out to be it, the kind folks on this list can help
you devise a more permanent solution to bypassing the Cox nameservers.
Of course, the /etc/resolv.conf file will revert upon the next
successful DHCP lease renewal. I wouldn't bother with a permanent
bypass until you know if that's the problem.

As far as your contract goes, Cox does not care if you use their DNS
servers or not, just like they don't care if you use their POP servers.
It is generally bad netiquette to use other providers' DNS servers
without being a subscriber, but it doesn't hurt for a quick test here
and there.

A more permanent solution would be to use one of the growing number of
"public" DNS servers like ns1.granitecanyon.com or
ns2.granitecanyon.com. Google is your friend here[1]. Better yet,
stand up your own internal DNS server and allow it to recurse up to the
Internet root servers and do your own resolutions. We'll save that for
another thread. ;-)

...Kevin

[1] http://www.google.com/search?q=%22public+dns+servers%22
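An added example, not part of Kevin's message or anything Cox or Debian ships: a small Python script that automates the test he describes. It reads the nameserver lines DHCP wrote into /etc/resolv.conf, sends the same A query directly to each of those servers and to a reference resolver you pick (the reference address is yours to supply; the addresses in the comments are constructed placeholders), and reports which DHCP-supplied servers disagree with the reference. A disagreement on a site you are being redirected from is the hijack symptom.

```python
import socket, struct

def parse_resolv_conf(text):
    """Return the nameserver addresses listed in resolv.conf content."""
    return [p[1] for p in (l.split() for l in text.splitlines())
            if len(p) >= 2 and p[0] == "nameserver"]

def build_query(name, txid=0x1234):
    """Minimal DNS query: standard query, recursion desired, one A/IN question."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)

def _skip_name(pkt, off):
    # Advance past a label sequence; a compression pointer (0xC0xx) is two bytes.
    while True:
        length = pkt[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2
        off += 1 + length

def parse_a_records(pkt):
    """Collect the IPv4 addresses from the answer section of a DNS response."""
    _txid, _flags, qdcount, ancount = struct.unpack(">HHHH", pkt[:8])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(pkt, off) + 4          # skip QTYPE and QCLASS
    ips = set()
    for _ in range(ancount):
        off = _skip_name(pkt, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack(">HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:           # A record, 4-byte address
            ips.add(socket.inet_ntoa(pkt[off:off + 4]))
        off += rdlen
    return ips

def resolve_a(name, server, timeout=3.0):
    """Ask one specific nameserver over UDP/53 and return the A records it gives."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_a_records(data)

def compare_resolvers(name, dhcp_servers, reference_server, lookup=resolve_a):
    """Map each DHCP-supplied server to True if its answer matches the reference; False is the divergence to look for."""
    reference = lookup(name, reference_server)
    return {srv: lookup(name, srv) == reference for srv in dhcp_servers}
```

Run it as `compare_resolvers("www.example.com", parse_resolv_conf(open("/etc/resolv.conf").read()), "<reference resolver IP>")` while the redirect is happening; a False entry next to a Cox server, with the reference answering correctly, is the evidence Kevin is after.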

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss