lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri Apr 14 16:45:26 2006
From: imipak at gmail.com (imipak)
Subject: Microsoft DNS resolver: deliberately sabotaged
	hosts-file lookup

Nick FitzGerald wrote:

> So, the exception is not that the IP is hard-coded, but that the DNS resolver skips looking in hosts for that _domain_ and necessarily does a network DNS lookup...
>


Presumably, it uses whichever DNS server the local OS thinks it
should use, no differently than any other application on the machine.
So, the workaround for Dave who wants to block connections is simple,
for a given value of simple of course --  run a local, caching only
DNS resolver, which proxies everything back to the usual DNS server,
*except* for which Microsoft sub-domains you'd like to overrule.

I know nothing of BIND configuration (or any other DNS server) but I
imagine this is at least possible.

Unless the DNS server is itself hardcoded in MediaPlayer, as well?


cheers

/i


--
And what exactly is a dream?
And what exactly is a joke?
                                            - Syd Barrett

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ