Re: DNS spoofing - security problems...

From: Chris (chris23_at_ic-2000.com)
Date: 12/23/04

• Next message: msm: "slow response from internet when typing an invalid URL"
• Previous message: hon123456: "Why administrator have no right to add zone"
• In reply to: Roger Abell: "Re: DNS spoofing - security problems..."
• Messages sorted by: [ date ] [ thread ]

---

Date: Thu, 23 Dec 2004 10:17:51 -0500

Yeah, I know. I wish I didn't clear it before taking a look at its
contents. If it happens again, I definately will take a look at it.

"Roger Abell" <mvpNoSpam@asu.edu> wrote in message
news:uv1%231GD6EHA.3828@TK2MSFTNGP09.phx.gbl...
> Next time around we really need to get info on what is in the cache,
> as obviously that is the source of propagation to your clients.
> --
> Roger
>
> "Chris" <chris23@ic-2000.com> wrote in message
> news:irZxd.14260$8V5.9878@fe10.lga...
>> This morning on of our DNS servers started responding to all requests
>> with
>> the same IP address. The only exceptions were sites that the server was
>> authoritative for. I fixed it by clearing the cache, but I have to
>> wonder
>> how this is happening. This server runs Windows 2000 dns and has the
>> "secure cache against pollution" option set (and I confirmed it in the
>> registry).
>>
>> I contacted Microsoft and they had no idea what might be happening. They
>> thought that one of the root servers may have been compromised. I find
> this
>> hard to believe however. I found this link on the web:
>> http://www.atsnn.com/story/105049.html which describes a similar
> situation.
>> It appears that this has occured to others over the last few weeks, and
> any
>> root server problems probably would have been dealt with.
>>
>> Has anyone seen this before. It seems like a vulnerability that has not
> yet
>> been addressed. However, maybe its just a vulnerability in DNS in
> general.
>> Any thoughts?
>>
>>
>
>

---

• Next message: msm: "slow response from internet when typing an invalid URL"
• Previous message: hon123456: "Why administrator have no right to add zone"
• In reply to: Roger Abell: "Re: DNS spoofing - security problems..."
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Issues migrating SBS 2003 domain to Server 2008 Standard ... We are stuck migrating our SBS 2003 domain to Server 2008. ... Fatal Error:DsGetDcName (SRV-EXCH) call failed, ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ... (microsoft.public.windows.server.sbs) Re: AD management snap in cannot find DC (netdiag /v workstation) ... The name.local entries are used by my apache server to implement ... change button, more button, the "Primary DNS suffix of this ... Attr: subschemaSubentry ... Owner of the binding path: ... (microsoft.public.windows.server.active_directory) Re: AD management snap in cannot find DC (netdiag /v workstation) ... button, more button, the "Primary DNS suffix of this computer", it should ... The Security System could not establish a secured connection with the server ... Attr: subschemaSubentry ... Owner of the binding path: ... (microsoft.public.windows.server.active_directory) Re: AD management snap in cannot find DC (netdiag /v workstation) ... DNS Host Name: tonyb-pc.imageproc.imageproc.com ... Testing IpConfig - pinging the DHCP Server... ... Attr: subschemaSubentry ... Owner of the binding path: ... (microsoft.public.windows.server.active_directory) Re: Issues migrating SBS 2003 domain to Server 2008 Standard ... Since you have migrated to standard server 2008 you would be better served posting in a Standard server NG. ... Event String: ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)