

NetWatchMan
Premium,VIP
join:2001-03-13
Alpharetta, GA

reply to SUMware
Re: Exploit code for Kaminsky DNS Bug Goes Wild

Please...take the time to understand the implications of this issue...they are profound and represent the most serious and widespread security issue to impact the Internet to date:

»www.informationweek.com/newslett···09401195

In a nutshell, until your ISP has patched their DNS servers, you can no longer trust that your ISP will resolve DNS names (e.g. 'yourbank.com') correctly. Criminals can now hijack any domain name they want and draw your traffic to sites they control...thus you THINK you have surfed to your bank's website, but you are really talking to a server in Russia.

Until you know that your ISP's DNS servers have been patched, I would advise that everyone NOT utilize any web server of a sensitive nature (e.g. online banking, PayPal, online retailer, etc.).

Please...as many people as possible...especially if you're on a less mainstream ISP...please run Dan's tester:

»www.doxpara.com/

See: DNS Checker button in upper right

In addition to giving you valuable information, it will flag your ISP's DNS servers as vulnerable (if they are) in Dan's database...Dan is then providing a feed through OARC and myNetWatchman (me) and I'm sending out notifications to all the ISPs with these vulnerable servers.

I just finished sending out 10,000 notices this afternoon covering more DNS servers than I care to comment on.

Unfortunately, I suspect this problem is going to exist for YEARS as many smaller ISPs will just not get the severity of this problem and leave their users exposed.

I would also encourage everyone who can to please take some time to educate others you know about this issue who might be less technically inclined.
--
Lawrence Baldwin
myNetWatchman
The Internet Neighborhood Watch


FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
·EarthLink

said by NetWatchMan:

Unfortunately, I suspect this problem is going to exist for YEARS as many smaller ISPs will just not get the severity of this problem and leave their users exposed.
Am I correct in thinking that this will create a major vulnerability for road warriors and their laptops?
--
Courage is being scared to death but saddling up anyway.

SUMware
Premium
join:2002-05-21


edit:
July 24th, @05:55PM

reply to NetWatchMan
said by NetWatchMan:

Please...take the time to understand the implications of this issue...they are profound and represent the most serious and widespread security issue to impact the Internet to date:

I would also encourage everyone who can to please take some time to educate others you know about this issue who might be less technically inclined.
Thank you for the added emphasis. I've already emailed my contacts, explaining this situation. If ISP servers test vulnerable, a currently viable mitigation is to consider using OpenDNS.

SipSizzurp
Fo' Shizzle
Premium
join:2005-12-28
Hilo, HI
·RoadRunner Cable

said by SUMware:

...consider using OpenDNS.
Do you have the DNS IP address that I can put into my router ?
--
I spent most of my money on Women and Beer, and the rest I just wasted !


Rogue Wolf
Came To Bury Caesar, Not To Praise Him

join:2003-08-12
Saratoga Springs, NY

said by SipSizzurp:

Do you have the DNS IP address that I can put into my router ?
There's two.
208.67.222.222
208.67.220.220
The site will have a guide on how to change your router's settings to do this, if necessary.
--
Four gods wait on a windowsill,
Where once eight gods did war and will.
And if the gods themselves may die,
What does that say for you and I?

SipSizzurp
Fo' Shizzle
Premium
join:2005-12-28
Hilo, HI
Thanks ! I know several commercial customers that use Road Runner. These will be handy.
--
I spent most of my money on Women and Beer, and the rest I just wasted !


Sparrow
Premium
join:2002-12-03
Varna, BG

 reply to SUMware
said by SUMware:

said by NetWatchMan:

Please...take the time to understand the implications of this issue...they are profound and represent the most serious and widespread security issue to impact the Internet to date:

I would also encourage everyone who can to please take some time to educate others you know about this issue who might be less technically inclined.
Thank you for the added emphasis. I've already emailed my contacts, explaining this situation. If ISP servers test vulnerable, a currently viable mitigation is to consider using OpenDNS.
SUMware and NetWatchMan, thank you very much for the link to OpenDNS and emphasizing the seriousness of this latest exploit.

I will also encourage anyone having not "great" reports at either of the sites listed below to do the same. I have sent numerous e-mails out explaining the configuration is easy enough for the not-so computer savvy and explained they should write down their current router settings in case OpenDNS does not work or they err in configuration.

said by SUMware:

To test if your ISP's nameservers are vulnerable to this type of attack visit:
»https://www.dns-oarc.net/oarc/services/dnsentropy
- and -
»www.doxpara.com/ (click the button that says "check my DNS")
I reset my router to OpenDNS and I went from 3 "Poor"s to 3 "Great"s and currently "safe." My provider is Verizon.

Excellent info in this thread.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
·Comcast

reply to SUMware
said by SUMware:

If ISP servers test vulnerable, a currently viable mitigation is to consider using OpenDNS.
Another current alternative, if one does not want to jump through the hoops to set up an account at OpenDNS to get "vanilla" DNS without the filtering and redirecting, is to use the Level3 4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4, 4.2.2.5, and 4.2.2.6 servers. They also currently pass the www.doxpara.com and www.dns-oarc.net tests.

I currently point to my local Win 2k server first, with fallbacks to Level3, then OpenDNS (yes I use OpenDNS, but it was a PITA to set up with a load balancing router).
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
·Comcast

reply to FiOS Dan
said by FiOS Dan:

Am I correct in thinking that this will create a major vulnerability for road warriors and their laptops?
If the road warrior manually uses a patched company DNS server or a known safe public DNS server such as Level3 or OpenDNS, it should not be a problem.



--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.

SUMware
Premium
join:2002-05-21


edit:
July 25th, @01:08AM

reply to NetFixer
said by NetFixer:

if one does not want to jump through the hoops to set up an account at OpenDNS
It is completely unnecessary to open an account at OpenDNS. I have never had one. Just use their IP addys and follow their instructions without opening an account.

OpenDNS states that creating an account is optional.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
·Comcast


edit:
July 25th, @01:43AM

said by SUMware:

said by NetFixer:

if one does not want to jump through the hoops to set up an account at OpenDNS
It is completely unnecessary to open an account at OpenDNS. I have never had one. Just use their IP addys and follow their instructions without opening an account.

OpenDNS states that creating an account is optional.
Unnecessary and/or optional for you perhaps, but I require unfiltered unmodified DNS, and the only way to get that from OpenDNS is to create an account and register your IP addresses. If you do not open an account and register your IP addresses, OpenDNS has no way of knowing who you are to be able to apply your desired settings, and you will get their default filtering and redirection.

This filtering and redirection by my definition is actually poisoned DNS, which is what we are trying to avoid. The difference between the OpenDNS poisoning and poisoning by a malicious third party is intent, and of course the public declaration by OpenDNS that the DNS replies may indeed be modified unless you open an account and set up your own requirements to override their default settings.

Don't misunderstand my post here. OpenDNS is a great service, and many people can benefit from their filtering and redirection, but that same filtering and redirection can wreak havoc if you really need accurate, unfiltered, and unredirected DNS results.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.


Rogue Wolf
Came To Bury Caesar, Not To Praise Him

join:2003-08-12
Saratoga Springs, NY


edit:
July 25th, @01:24AM

reply to SUMware
said by SUMware:

said by NetFixer:

if one does not want to jump through the hoops to set up an account at OpenDNS
It is completely unnecessary to open an account at OpenDNS. I have never had one. Just use their IP addys and follow their instructions without opening an account.

OpenDNS states that creating an account is optional.
I think what NetFixer is getting at is that to get "clean" DNS service (no redirects, etc) you have to sign up for an account. Which is alright with me- I don't have any programs or procedures that require that.

EDIT: Darn you, stop being so fast!
--
Four gods wait on a windowsill,
Where once eight gods did war and will.
And if the gods themselves may die,
What does that say for you and I?


NetFixer
From my cold dead hands
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
·Comcast

said by Rogue Wolf:

EDIT: Darn you, stop being so fast!
If that comment is targeted to me, thank you. With my tired old body and stiff arthritic joints (including my fingers), I don't hear something like that very often. It is usually more like "hurry up, what is taking you so long".
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.

SUMware
Premium
join:2002-05-21

reply to NetFixer
said by NetFixer:

I require unfiltered unmodified DNS, and the only way to get that from OpenDNS is to create an account and register your IP addresses. If you do not open an account and register your IP addresses, OpenDNS has no way of knowing who you are to be able to apply your desired settings, and you will get their default filtering and redirection.
Understand.
I do not have the same requirements as you. Having no account, and OpenDNS' defaults, works fine for me.


FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
·EarthLink

reply to NetFixer
Thanks for the reply NetFixer. What I was referring to is the case where a road warrior's internet access is via a hotel or airport WiFi whose router DNS settings would override his or her laptop's. Is this not the case?
--
Courage is being scared to death but saddling up anyway.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
·Comcast


edit:
July 25th, @12:57PM

said by FiOS Dan:

Thanks for the reply NetFixer. What I was referring to is the case where a road warrior's internet access is via a hotel or airport WiFi whose router DNS settings would override his or her laptop's. Is this not the case?
No, if you manually enter the DNS servers in the TCP/IP properties for the WiFi card, that is what will be used. I showed a picture of my desktop PC's NIC, but the same setup and principle would apply for a WiFi card. Here are sample ipconfig /all and nslookup www.yahoo.com commands for several different scenarios that I just made from a foreign WiFi connection to illustrate my point:




This is using the default settings for a foreign WiFi connection:
(in this case it is safe because Comcast has updated their DNS, but of course, that would not always be the case)

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.87.68.162
68.87.74.162
68.87.64.196
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 10:31:56
Lease Expires . . . . . . . . . . : Saturday, July 26, 2008 10:31:56


C:\>nslookup www.yahoo.com
Server: cns.s3woodstock.ga.atlanta.comcast.net
Address: 68.87.68.162

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

*** You will note that in this case the WiFi connection's DNS was used. ***




This is using a manually entered known good set of public DNS servers:

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 4.2.2.4
4.2.2.6
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 10:39:15
Lease Expires . . . . . . . . . . : Saturday, July 26, 2008 10:39:15


C:\>nslookup www.yahoo.com
Server: vnsc-pri-dsl.genuity.net
Address: 4.2.2.4

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

*** You will note that in this case the manually entered public DNS was used. ***




This is using the manually entered company's publicly visible DNS servers:

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 66.134.0.234
74.245.184.227
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 11:11:09
Lease Expires . . . . . . . . . . : Saturday, July 26, 2008 11:11:09


C:\>nslookup www.yahoo.com
Server: dcs-net.net
Address: 66.134.0.234

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

*** You will note that in this case the manually entered company DNS was used. ***




This is using a PPTP VPN connection to the company network:

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.87.68.162
68.87.74.162
68.87.64.196
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 10:46:58
Lease Expires . . . . . . . . . . : Saturday, July 26, 2008 10:46:58

PPP adapter DCS Enterprises:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.201
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.10.201
DNS Servers . . . . . . . . . . . : 192.168.10.1


C:\>nslookup www.yahoo.com
*** Can't find server name for address 68.87.68.162: Query refused
*** Can't find server name for address 68.87.74.162: Query refused
*** Can't find server name for address 68.87.64.196: Query refused
Server: dcs-gw1.dcs-net
Address: 192.168.10.1

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

*** You will note that even though the notebook attempted to use the WiFi connection's DNS first, the company's firewall prevented access and used its own DNS. ***




This is using an IPSEC VPN connection to company network:

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.10.1
68.87.68.162
68.87.74.162
68.87.64.196
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 10:55:11
Lease Expires . . . . . . . . . . : Saturday, July 26, 2008 10:55:11


C:\>nslookup www.yahoo.com
Server: dcs-gw1.dcs-net
Address: 192.168.10.1

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

*** You will note that in this case the company's DNS was used first, so the WiFi connection's DNS did not come into play. ***




There is almost always more than one way to accomplish the same task; in this case, ensuring a safe DNS source even when on the road.




As a control sample, this is what a WiFi connection to my office LAN looks like:

C:\>ipconfig /all


Windows IP Configuration

Host Name . . . . . . . . . . . . : RWS-6325
Primary Dns Suffix . . . . . . . : dcs-net.net
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net
dcs-net.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth PAN Network Adapter
Physical Address. . . . . . . . . : 00-11-E0-02-F6-D6

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-17-A4-E3-E7-CF

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : dcs-net
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-67-2C-DC
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.10.68
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 192.168.10.2
192.168.10.1
Primary WINS Server . . . . . . . : 192.168.10.2
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 11:28:15
Lease Expires . . . . . . . . . . : Monday, July 28, 2008 11:28:15


C:\>nslookup www.yahoo.com
Server: dcs-srv.dcs-net.net
Address: 192.168.10.2

Non-authoritative answer:
Name: www.yahoo-ht3.akadns.net
Address: 69.147.76.15
Aliases: www.yahoo.com

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.
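
The check walked through in the post above (read the DNS Servers lines of ipconfig /all and see which resolver the adapter will actually use) can be automated. The following is an added example, not part of the original thread: it parses ipconfig /all text in the flattened form shown in the post and lists every resolver on a connected adapter that is not on an allow-list. The allow-list contents, the function names, and the sample capture (constructed from values in the post) are assumptions.

```python
import ipaddress
import re

# Assumption: resolvers the thread's posters chose to trust (OpenDNS, Level3).
TRUSTED = {"208.67.222.222", "208.67.220.220", "4.2.2.4", "4.2.2.6"}

# "Key . . . . : value" lines, and "<type> adapter <name>:" section headers.
FIELD_RE = re.compile(r"^(.+?)(?:\s*\.)+\s*:\s*(.*)$")
ADAPTER_RE = re.compile(r"^.+? adapter (.+):$")


def is_ip(text):
    try:
        ipaddress.ip_address(text.split("%")[0])  # drop an IPv6 zone id
        return True
    except ValueError:
        return False


def parse_ipconfig(text):
    """Return {adapter name: {"connected": bool, "dns": [ip, ...]}}."""
    adapters, current, in_dns = {}, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        field = FIELD_RE.match(line)
        if field:
            key, value = field.group(1), field.group(2).strip()
            in_dns = key == "DNS Servers"
            if current is None:
                continue  # global section before the first adapter
            if key == "Media State" and "disconnected" in value.lower():
                current["connected"] = False
            elif in_dns and is_ip(value):
                current["dns"].append(value)
            continue
        header = ADAPTER_RE.match(line)
        if header:
            current = adapters.setdefault(
                header.group(1), {"connected": True, "dns": []})
            in_dns = False
        elif in_dns and current is not None and is_ip(line):
            # Additional resolvers appear as bare continuation lines.
            current["dns"].append(line)
    return adapters


def audit(text, trusted=TRUSTED):
    """List (adapter, server, role) for each untrusted resolver in use.

    A "fallback" entry still matters: Windows moves on to later servers
    when the preferred one does not answer.
    """
    findings = []
    for name, info in parse_ipconfig(text).items():
        if not info["connected"]:
            continue
        for pos, server in enumerate(info["dns"]):
            if server not in trusted:
                role = "preferred" if pos == 0 else "fallback"
                findings.append((name, server, role))
    return findings


# Constructed sample, modelled on the captures in the post.
_TEMPLATE = """\
Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet

Ethernet adapter Wireless Network Connection:

Dhcp Enabled. . . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.104
DNS Servers . . . . . . . . . . . : {dns}
Lease Obtained. . . . . . . . . . : Friday, July 25, 2008 10:31:56
"""
SAMPLE_DHCP = _TEMPLATE.format(dns="68.87.68.162\n68.87.74.162")
SAMPLE_MANUAL = _TEMPLATE.format(dns="4.2.2.4\n4.2.2.6")
SAMPLE_MIXED = _TEMPLATE.format(dns="4.2.2.4\n68.87.68.162")

if __name__ == "__main__":
    for label, sample in (("dhcp", SAMPLE_DHCP), ("manual", SAMPLE_MANUAL),
                          ("mixed", SAMPLE_MIXED)):
        print(label, audit(sample) or "all resolvers trusted")
```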


FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
  Very informative NetFixer. I will manually enter the OpenDNS servers in my laptop's setting. Thanks a lot.
--
Courage is being scared to death but saddling up anyway.


spy1
Welcome to Amerika
Premium
join:2002-06-24
Charlotte, NC

reply to SUMware
Thanks for the reminder about OpenDNS. I had thought that I was already using it (I was on the router before this upgraded, faster one from my ISP) - but after reading this I checked it just to be on the safe side and sure enough, I wasn't.

Went to both websites mentioned and found out that my ISP's DNS' failed. Re-set up OpenDNS and everything came out great.

Thanks. Pete
over 9 years online! © 1999-2008 dslreports.com.