plj
join:2008-04-23
Union City, NJ
| Affected by DNS poisoning?
I found a site that claims to have a way of testing whether your name server is affected by the recently uncovered DNS poisoning problem, but I don't understand it well enough to know if I should take its warning seriously. I grabbed all the patches from Windows Update, so I *should* be good, but I'm still worried.
Can anyone knowledgeable about these things please check it out? Or if you have another way of testing it, could you please post? Thanks in advance |
|
huyvu
join:2001-03-25 | Not sure about the above site, but you can use »doxpara.com to check your DNS servers. It's run by Dan Kaminsky who found the flaw. |
|
plj
join:2008-04-23
Union City, NJ | Awesome, I think I can trust the guy who found the flaw. Thank you. |
|
huyvu
join:2001-03-25 | reply to plj
... Unless your DNS servers were already compromised and doxpara.com has been redirected to another site that will always tell you your DNS servers are OK. ...  |
|
Cabal
Premium
join:2007-01-21
Boston, MA
| said by huyvu  :... Unless your DNS servers were already compromised and doxpara.com has been redirected to another site that will always tell you your DNS servers are OK. ... 
--
Interested in open source engine management for your Subaru? |
|
heels_fan
1.20.09 The start of Socialism
Premium
join:2003-02-07
Columbia, TN
| reply to plj
said by plj :I found a site that claims to have a way of testing whether your name server is affected by the recently uncovered DNS poisoning problem, but I don't understand it well enough to know if I should take its warning seriously. I grabbed all the patches from Windows Update, so I *should* be good, but I'm still worried. Can anyone knowledgeable about these things please check it out? Or if you have another way of testing it, could you please post? Thanks in advance It does not matter if you are updated or not, this is no0t a local PC issue. This is a ISP issue and could affect you anyways. |
|
Googlefreak9
join:2008-04-11
Etobicoke, ON | reply to plj
I use openDNS it is suppose to be more secure than your local ISP DNS server. It has nothing to do with pc really. |
|
dauthiatull
join:2003-08-06
Toronto, ON | reply to plj
these test apear to be usless
one says not secure the other says secure
which one to trust |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| The two reliable tests are at »www.doxpara.com/ and »https://www.dns-oarc.net/oarc/services/dnsentropy
They show that Time Warner has not yet patched the Hawaii Road Runner or Orange (California -Los Angeles area) Road Runner DNS servers. Some franchises have been patched but not all. TW has until Aug 6 to get them patched. (That's when Dan Kaminsky is going to reveal how the flaw works).
Earlier this evening about 8PM Sunday (the most used time on the internet for Hawaii RR users), suddenly, when I went to post a reply to a thread here I got a DNS error that the host name could not be resolved. It was sort of odd as I could reach my modem's web page so the modem was operating correctly but I could not reach any site. I could not use Ping Plotter to ping sites either as the name resolvers for Hawaii appeared totally down. I wondered if TW had chosen this time to patch Southern California and Hawaii DNS servers and had a problem as evidently they tried last week to patch in Southern Cal and it caused a big outage. I called Oceanic TW and a lowly customer service rep had no idea what I was talking about but did check my modem and said my connection was fine. After I recycled the router and modem and rebooted, the DNS servers worked again.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
TheWiseGuy
Dog And Butterfly
Premium,MVM
join:2002-07-04
Yonkers, NY
| said by Mele20 :(That's when Dan Kaminsky is going to reveal how the flaw works). Cat is out of the bag already. Info was leaked and he has explained the exploit
»news.cnet.com/8301-1009_3-9998906-83.html
--
Warning, If you post nonsense and use misinformation and are here to argue based on those methods, you will be put on ignore. |
|
falcon04
join:2005-03-03 | reply to Mele20
The dns-oarc test seems to work and shows my TW-RR servers seem to be ok.
The doxpara test returns a blank white box with no info. ? |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| said by falcon04 :The dns-oarc test seems to work and shows my TW-RR servers seem to be ok. The doxpara test returns a blank white box with no info. ? For the dns-oarc test what was the source port rating for your RR? My RR shows "POOR" source port rating. There is NO RANDOMNESS AT ALL. Transaction ID though is GREAT.
I could not get the doxpara test to work except on IE8 of all things. It doesn't appear to like Fx 1.5 or Fx 3. It probably works on IE7 also.
Time Warner has not patched most of their DNS servers. If Dan has already explained the exploit then that is very scary for most Road Runner users.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
 ·Verizon Online DSL
| quote:
I could not get the doxpara test to work except on IE8 of all things. It doesn't appear to like Fx 1.5 or Fx 3. It probably works on IE7 also.
Both test sites work fine in Fx v2, 3, (latest) and the tk (minefield) build.
Check your settings.
--
"Living on Earth is expensive, but it does include a free trip around the sun". |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| It no longer matters. The test is inaccurate. USE ONLY the dns-oarc test!
"The test Dan created at his DoxPara site has the attribute of
being first, but unfortunately it is not accurate. A *much*
better (and fully accurate) test is now available here:
»entropy.dns-oarc.net/test/ "
From a GRC Newsgroup post Jul 28 by Steve Gibson.
Steve Gibson's podcast Tuesday will be on DNS spoofing.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
·Verizon Online DSL
| quote:
It no longer matters.
Actually it should matter because if anything it indicates a problem with your browser setup or settings if they are not rendering correctly.
quote:
Steve Gibson's podcast Tuesday will be on DNS spoofing.
Thanks anyway but I would rather lay outside on my hammock watching the grass grow.
--
"Living on Earth is expensive, but it does include a free trip around the sun". |
|
Insder
There never was a second I in my name
Premium
join:2005-04-27
Salem, MA
| reply to Mele20
I'll start listening to Steve Gibson when pigs fly and money starts growing on trees..  If anyone should have a tinfoil hat, it's that crazy fuck.
--
The one, the only, the Insder. :: Fighting phishing for life. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Grail Knight
Well, I am far more concerned about Time Warner's lack of patching (which is irresponsible and dangerous) than I am about Firefox. Especially after I had my wall outlet where the UPS was plugged in blowout today. I have no light in my bedroom, had to jerryrig extension cords over closet tops and down the side to reach the only electrical outlet now working in that room (also today I discovered another bedroom outlet was very hot to the touch if I plugged anything in it and the third one is dead too)...this is so I can have fans for sleeping...it is very humid here now and hot (about 87 in my bedroom at night).
Now, at least, I know why the UPS has acted so strangely recently. That outlet has been going bad I think for some time and then completely blew today. Last night, suddenly the UPS started screeching and I had to shut off the computer yet I had electricity and that outlet was "ok" as my dresser lamps and a fan were still working. Today, I thought the UPS would have recharged but no, I start the computer and immediate screeching from the UPS. I was trying to shut down again but before I could the outlet blew. There is only one other outlet near enough to the cable outlet to use and I was afraid it would get over loaded if added this computer. I had to unplug everything else (it already has the older computer on it). Quite a fun day and I didn't discover any of this until late in the afternoon so I couldn't call an electrician.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
·Verizon Online DSL
| Time Warner will get to it.
---OT---
If your outlets are hot to the touch the problem is most likely from overloading the circuit. An electrician needs to determine how much wattage you are pulling vs what the outlets can handle. Your condo wiring may not be up to what you are trying to use it for. Fans, computers, etc...
--
"Living on Earth is expensive, but it does include a free trip around the sun". |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| Heck the DNS outage AGAIN in Southern California Sunday night affected me here in Hawaii. I am getting so tired of Time Warner's total blundering idiocy in Southern California and for forcing Oceanic Road Runner's RDC to be put at Orange three years ago. Every problem Southern Cal has Hawaii is affected. It wasn't like that until 2005. Southern Cal and Hawaii will probably be the last to be patched because of the massive ongoing, current DNS problems in Southern Cal.
[OT]
As for the outlet being hot, only a fan is attached there. A fan has been attached there for many years. The building is 36 years old and on the ocean. Problems are to be expected. We are properly wired for computers, broadband, cable TV, etc. but we are on the ocean in an aging building. The outlet that had the UPC on it was not hot and also had a fan that isn't used much but is used in the summer and two very low wattage very small lamps that usually are not on unless I am in the room at night and need light by my dresser. The third outlet that was dead when I tried it has had one side dead for years and now the other is dead too. I hadn't needed it as there is another outlet one foot from it (totally crazy).
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
falcon04
join:2005-03-03
| reply to Mele20
"For the dns-oarc test what was the source port rating for your RR?"
( TW-RR Carolina )
Here's a copy / paste of the results a few moments ago:
24.25.5.150 Source Port Randomness: GREAT
Number of samples: 59
Unique ports: 59
Range: 1480 - 65302
Modified Standard Deviation: 18771
Bits of Randomness: 16
Values Seen: 42763 50301 64608 30989 28895 29871 28904 20724 15791 63628 65302 7569 45724 56864 29130 4797 64817 31076 56639 29471 19065 28267 8072 35362 26466 64017 1480 55363 31018 18647 51052 57560 47830 12948 11138 2832 52067 39632 43516 3734 59930 50199 49129 50043 52753 37247 47159 48348 55459 23018 55934 13539 7138 42780 33703 55563 54194 23868 29011 |
|
