Re: Was this poisoning, spoofing, or something else?



* Kevin D. Goodknecht Sr. [MVP] (Wed, 19 Dec 2007 07:20:42 -0600)
In news:MPG.21d04c22bd8e74699898bf@xxxxxxxxxxxxxxxxxxxx,
Thorsten Kampe <thorsten@xxxxxxxxxxxxxxxx> typed:
* Kevin D. Goodknecht Sr. [MVP] (Sun, 16 Dec 2007 15:04:09 -0600)
In news:MPG.21cf7af7a4b63e499898bd@xxxxxxxxxxxxxxxxxxxx,
Thorsten Kampe <thorsten@xxxxxxxxxxxxxxxx> typed:
* Kevin D. Goodknecht Sr. [MVP] (Sat, 15 Dec 2007 23:03:06 -0600)
[snipping all the previous stuff because it got too long]
Nslookup uses the DNS client's DNS suffix search list, it does NOT
always devolve the name, you should test it yourself, I have.
If the DNS client has only one suffix in the search list, no matter
how many levels the suffix is, it will append only the suffix(es) in
the list.

Sorry, you now see me confused: Steve's problem was that he
discovered that all queries like "nslookup www.test.com" returned
"www.test.com.test.com (china address)".

I replied that he's got two issues. One is his incorrect nslookup
query - he simply forgot the trailing point, so automatically his
local domain was added. His local DNS forwards the query to his
ISP's DNS because the local DNS is authoritative for test.com but
not for test.com.test.com.

If his local DNS server is Authoritative for test.com, explain why
you think it would not have Authority for test.com.test.com?

That's how DNS works, right? If a nameserver is authoritative for the
com domain, that doesn't mean it's authoritative for microsoft.com,
right?!

And I actually did a trace on a test machine and the Windows 2003 does
indeed query external servers for mydomain.local.mydomain.local.

It will not query external DNS servers for mydomain.local.mydomain.local, IF
you have a zone for mydomain.local.

A few days ago I thought I had seen exactly that in a dump but I
wasn't able to reproduce it even though trying a few times. Guess
you're right, Mr. MVP. ;)

Thanks for the clarification,
Thorsten
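
The suffix-search behaviour discussed in this thread, as an added example that is not part of the original posts: it lists the names a lookup would try with and without the trailing dot, then flags doubled-suffix names in a DNS query log. The try order (suffixes first, then the name as typed), the function names and the sample log are assumptions made for illustration.

```python
def normalize(name):
    """Lower-case a DNS name and drop any trailing dot."""
    return name.rstrip(".").lower()


def candidates(name, search_list):
    """Names tried for a lookup, in order (assumed order: suffixes first).

    A trailing dot marks the name as fully qualified, so nothing is appended.
    """
    if name.endswith("."):
        return [normalize(name) + "."]
    base = normalize(name)
    tried = [f"{base}.{normalize(suffix)}." for suffix in search_list]
    tried.append(base + ".")
    return tried


def doubled_suffix(qname, suffix):
    """True if qname ends in suffix.suffix, e.g. www.test.com.test.com."""
    q, s = normalize(qname), normalize(suffix)
    if not q.endswith("." + s):
        return False
    rest = q[: -(len(s) + 1)]  # the name with one copy of the suffix removed
    return rest == s or rest.endswith("." + s)


def find_suffix_leaks(query_log, suffixes):
    """Logged query names that carry a local suffix twice."""
    return [q for q in query_log if any(doubled_suffix(q, s) for s in suffixes)]


# Constructed sample of query names, as they might appear in a DNS debug log.
SAMPLE_LOG = [
    "www.test.com.test.com.",
    "www.test.com.",
    "mydomain.local.mydomain.local.",
    "host1.mydomain.local.",
    "www.example.org.",
]

if __name__ == "__main__":
    print(candidates("www.test.com", ["test.com"]))
    print(candidates("www.test.com.", ["test.com"]))
    print(find_suffix_leaks(SAMPLE_LOG, ["test.com", "mydomain.local"]))
```

Doubled-suffix names showing up in a forwarder's or ISP resolver's logs mean internal lookups are leaving the network, which is where a wildcard answer like the one reported at the start of the thread can come from.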