Monster Rain
Premium
join:2002-08-03
USA
| reply to joeykahn
Re: Charter Corrupting DNS protocol (ie: hijacking hosts)
said by joeykahn  :Really, it isn't just about typos; these sort of high level DNS changes ruin various applications including my site download scripts and other software. Care to elaborate on your scripts, or what other software is ruined? |
|
joeykahn
join:2005-09-10
Bay City, MI
| Of course I can. I sent the entire letter to Charter and I'm not up to duplicating it here, at the moment. I'll post it on one of my blogs and link back since itis in the form of an open letter (once I add the title "An Open Letter...";) it may be more suitable on a clearly biased site 
Thanks for asking
|
|
useless
join:2006-07-16 | I can only think of a webcrawler (mb a homebew one?) that would be affected...waiting to see the letter in the meantime. |
|
shakka_kahn
@charter.com
| said by useless :I can only think of a webcrawler (mb a homebew one?) that would be affected...waiting to see the letter in the meantime. This should be amusing  |
|
Darkk
join:2003-10-03
Almont, MI
 ·Charter Pipeline
| Time to stop thinking web-browser-centric...
Lots of apps rely on a predictable DNS error on a server being unavailable. This is horribly broken when DNS is corrupted the way Charter implemented it.
SFTP, FTP, SSH all return a rejected login and not a server unavailable with the new DNS corruption. You can't validate domains to determine whether email is spam as all domains now resolve, not to their respective site, but now to Charter's proxy site, causing all reverse DNS tests to pass on any email, spam and non-existent domains included. (Thanks for helping the Spammers and scammers Charter!)
Standards are there for a reason, and that reason is that applications and protocols depend on standards-based operation to work correctly and to work as expected. Charter broke this when it corrupted the standard DNS operation.
There is a whole lot more to the Internet than just a web browser.
If Charter had half a clue, they would have at least implemented the DNS hijack so that it affected only requests directed toward port 80 resources, rather they chose to foul *everything* up. |
|
Monster Rain
Premium
join:2002-08-03
USA | FTP and SSH are working fine for me Darkk. |
|
Darkk
join:2003-10-03
Almont, MI | What happens now on an offline (unreachable) server?
Do you get a "not available" message or a connection refused message? |
|
useless
join:2006-07-16
2 edits | Are you under the impression that when you FTP by a name you are not querying DNS same as a browser?
And if your mail server is having issues, change the resolv.conf file on your *nix mail server.
This forum (not just the Charter corner) is full of people that holler and scream about their ISPs DNS service. Not sure why anyone that reads here often is it using for things they consider critical.
And if you think Charter is the first company to think of this I believe you are probably mistaken. If they are truly the first, props for being first at something.
We still have the normal DNS. But I suspect if one nmaps the "New" dns server, it is not listening on 21 or 22 or whatever nonstandard port you are using. Might get this:
ssh: connect to host 24.217.0.5 port 17236: Connection refused
Will be interesting to see. I would imagine that 0.5 will be replace with something else in St Louis. Guess I could try this on an outdated DNS server and see. |
|
useless
join:2006-07-16
| I was perusing another thread in another forum..stumbled upon something interesting..
This new DNS.. wonder what affect it has / would have / could have on the millions of trojans and botnets out there..think any of those are using DNS?? I always assuming port scanning and that they blow up arp tables. Thoughts? |
|
shakka_kahn
@charter.com | reply to joeykahn
yo joey, we are waiting for you to post your "letter". |
|
