DNS Lying to Linux Clients ?
Simon Waters
Simon at wretched.demon.co.uk
Sat Aug 16 16:26:22 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bob Elliott wrote:
>
> ANSWER = You asked for the A record of www.google.com.
> The A record of www.the-signin-page.ourschool.edu is 192.168.1.1
>
> If I try to ping or browse I can see that two requests are made to the
> DNS server. And each time the DNS server replies with the expected
> answer (name: www.the-signin-page.ourschool.edu and address: the ip
> address) However the client will then say "unknown host" for pings
> and "page not found" when trying to browse.
>
> I think the Linux resolver is ignoring the answer because it
> doesn't match any queries that were sent.
>
> Can anyone confirm that this is how the Linux resolver behaves?
Sorry if you are saying the answer is for the wrong question, I'd expect
any client to ignore it.
If you are saying the answer you gave is correctly formed (a believable
lie), then all should do the same.
Suggest you post the output of "dig www.google.com" to the list, if you
want more informed explanations.
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/PlsrGFXfHI9FVgYRAgJTAKCBjomjleyN852v//vVHZUbLRHFCACg18hD
UGsv9cBDHHTQpXLAYmRoCE0=
=aRy6
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list