Qwest fixing DNS servers vulnerable to cache poisoning?

Author	All Replies
colorbars join:2003-03-20 USA	Qwest fixing DNS servers vulnerable to cache poisoning? It looks like at least one of Qwest's SLC DNS servers is vulnerable to the DNS poisoning that was made semi-public today. »m.news.com/2166-12_3-9985618-57.html 206.81.128.1 (slc-dns-01.inet.qwest.net) is showing as not being patched yet. Anyone have other data points?
	to forum · permalink · · 2008-07-09 03:21:43 ·
Bink join:2006-05-14 Denver, CO	I wonder how quickly Qwest will respond to this; it might make me go back to running my own DNS caching server locally.
	to forum · permalink · · 2008-07-10 18:26:43 ·
colorbars join:2003-03-20 USA	reply to colorbars I'd say we were better off before. I think Qwest has completely hosed the SLC DNS servers. They (206.81.128.1 and 204.147.80.5) aren't resolving any forward DNS at all right now as far as I can tell. I could only get here by punching the IP manually in my hosts file. I didn't apply any patches to an of my local equipment, so I'm pretty sure the problem is on the Qwest end. I'd ask if anyone could confirm, but if you're using the hosed DNS servers you probably can't see this.
	to forum · permalink · · 2008-07-11 02:34:07 ·
bigjoesmith join:2000-11-21 Peoria, IL	Seattle DNS servers at 205.171.3.65 and 205.171.2.65 are working ok for me. Don't know if they've been patched.
	to forum · permalink · · 2008-07-11 04:56:42 ·
hurfy join:2002-08-06 Spokane, WA	Had to update to those new numbers myself last night. I think i had one old qwest number and an old one from someone else and got nowhere when i got home. Someone killed at least one server they said was going away rather than update it would appear. I tend to take Qwest notices of something going away with a grain of salt since discovering my uswest email address works years after it won't be working
	to forum · permalink · · 2008-07-11 13:38:57 ·
infosyshelp @myriad.com	reply to colorbars Client of mine had DNS problem - he was on the SLC DNS servers. I switched him to the 205.171.3.65 and 2.65 and that fixed the issue. Sounds like the problem started late yesterday.
	to forum · permalink · · 2008-07-11 15:31:01 ·
CPG @qwest.net	Don't count on the 205.171.2.65 and .3.65 DNS servers being any good. After a frustrating half-hour of trying to figure out why an image wouldn't load (checked my own firewall, powered up a Debian system and hooked it right to the modem), I determined that the Qwest DSL servers are now resolving some domains to 127.0.0.1. Try, for example, imagefap.com. My problem was accessing an imageshack.us image. I've changed my systems to use Level3's public DNS at 4.2.2.1, 4.2.2.2,... Things seem to be working fine. The odd thing is that after I changed the Actiontec GT701 setup to use 4.2.2.1 for a DNS server, it continued to use 205.171.2.65 after restarting. Telnet-ing into the modem and changing /etc/resolv.conf manually did the trick.
	to forum · permalink · 2008-07-19 18:32:56 ·
Bink join:2006-05-14 Denver, CO edit: July 21st, @01:03PM	Neat. I didn’t know this and wonder why they chose to do this. Yet another reason for me to go back to running my own DNS caching server locally.
	to forum · permalink · · 2008-07-20 05:16:59 ·


Sunday, 12-Oct 20:09:48	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2008 dslreports.com. page compression OFF