DNS wierdness and cox communications

Patrick Fleming, EA plug at rwcinc.net
Tue Aug 19 08:04:33 MST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

OpenDNS does lookup hijacking. If you want Firefox to do a google lookup
when the domain resolution fails openDNS is not for you.

Lisa Kachold wrote:
| Cox allowed recursive lookups and non-auth responses which opens
| their servers up to DNS cache poisoning.
|
| You can use opendns.com - or another of the free DNS servers?
|
| Just configure your network to allow only port 53 to/from that site.
|
|
| (503)754-4452 Blackberry || Obnosis.com || iCrossing.com
|
|
|> Date: Thu, 14 Aug 2008 08:22:06 -0700 From: plug at rwcinc.net To:
|> plug-discuss at lists.plug.phoenix.az.us Subject: Re: DNS wierdness
|> and cox communications
|>
| The recent DNS fix forcing port randomization can also be a culprit.
|
| Matrix Mole wrote: | I'd say it's guaranteed cox. I'm having exact
| same problems and cox is | the only provider involved. I've a fried
| who lives about two streets | over from me, again having the same
| problems. Unfortunately, I've | called cox and they basically are
| telling me it's my computer (all 7 | of them in my house) that are at
| fault, cause nothing on their network | could cause that behavior.
| When I mentioned to them that others I've | heard of were having
| these problems they were like "Oh, if that were | the case we'd have
| a lot more calls, and we don't" then they dismissed | me. I'm calling
| back tomorrow and going to talk to a manager and see | if maybe I can
| get someone to accept they've screwed something up in | their network
| and need to fix it. | | On Mon, Aug 11, 2008 at 4:56 AM, Technomage
| Hawke | <technomage.hawke at gmail.com> wrote: |> yeah... could be just
| my connection..... in diverse places on cox (and |> from what I see,
| also on qwest). someone suggested a possible routing |> issue as well
| (more than likely the case). |> |> one other possible thought, the
| root DNS servers may not be accepting |> connections from jus
| "anybody". |> |> ASU's DNS servers are actually located within the
| qwest ip space. |> |> I have tried other DNS servers with variable
| results. I might have to |> break out wireshark and see if I am
| getting connection resets on that |> port. and run some tests with my
| clients over this week. |> |> anyway, I don't have enough available
| info to call it as a cox or a |> qwest specific issue. |> |> |> On
| 8/10/08, James Mcphee <jmcphe at gmail.com> wrote: |>> If you're
| experiencing issues, then set up a job to query Cox and Qwest's |>>
| and whoever's DNS servers at the same time and log it.  See if you're
| seeing |>> a trend.  It could just be your connection. |>> |>> |>> On
| Sun, Aug 10, 2008 at 12:07 AM, Craig White <craigwhite at azapple.com>
| |>> wrote: |>>> On Sat, 2008-08-09 at 23:39 -0700, Technomage Hawke
| wrote: |>>>> Over the last few weeks, I have noticed an increasing
| number of |>>>> customer calls about network outages. Now on the
| surface, this might |>>>> not seem all that relevant, However, these
| issues are not just windows |>>>> centric. |>>>> |>>>> I have
| discovered a pattern to the outage problems I have been |>>>>
| troubleshooting. it seems that cox is filtering dns traffic to anyone
|  |>>>> outside their own ip space. any attempt to use a DNS root
| server or |>>>> even the ASUdns servers results in many pages not
| being resolved. as |>>>> soon as I set for the cox dns servers, all
| seems to work again. |>>>> |>>>> anyone else noticing this
| "filtering" on cox's part? |>>> ---- |>>> no - it makes no sense, you
| can always test your theory out at any time |>>> you want by running
| commands such as dig and host and if you really |>>> care, you could
| run your own caching dns server which would obviously |>>> need to
| access other dns servers to be worthwhile. |>>> |>>> Craig |>>> |>>>
| |>>> |>>> |>>> ---------------------------------------------------
| |>>> PLUG-discuss mailing list - |>>
| PLUG-discuss at lists.plug.phoenix.az.us |>>> To subscribe, unsubscribe,
| or to change your mail settings: |>>> |>>
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss |>> |>>
|  |>> -- |>> James McPhee |>> jmcphe at gmail.com |>> |>>
| --------------------------------------------------- |>>  PLUG-discuss
| mailing list - |>> PLUG-discuss at lists.plug.phoenix.az.us |>>  To
| subscribe, unsubscribe, or to change your mail settings: |>>
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss |>> |>
| --------------------------------------------------- |> PLUG-discuss
| mailing list - PLUG-discuss at lists.plug.phoenix.az.us |> To subscribe,
| unsubscribe, or to change your mail settings: |>
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss |> |
| --------------------------------------------------- | PLUG-discuss
| mailing list - PLUG-discuss at lists.plug.phoenix.az.us | To subscribe,
| unsubscribe, or to change your mail settings: |
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss |
- ---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

| _________________________________________________________________ See
| what people are saying about Windows Live.  Check out featured posts.
|  http://www.windowslive.com/connect?ocid=TXT_TAGLM_WL_connect2_082008
|
| ------------------------------------------------------------------------
|  --------------------------------------------------- PLUG-discuss
| mailing list - PLUG-discuss at lists.plug.phoenix.az.us To subscribe,
| unsubscribe, or to change your mail settings:
| http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkiq4QAACgkQIFnqWH4u/3N1wQCbBDT8CLhOJmbDsbzn8G2veMt3
tacAoMQhDyy9HNLJtIwXqDJgFj5whq76
=fLAj
-----END PGP SIGNATURE-----


More information about the PLUG-discuss mailing list