lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1145490218.825.259469491@webmail.messagingengine.com>
Date: Wed, 19 Apr 2006 18:43:38 -0500
From: "John Biederstedt" <john@...nsdomain.org>
To: "Thor (Hammer of God)" <thor@...merofgod.com>,
	"Bugtraq" <bugtraq@...urityfocus.com>
Subject: Re: [Full-disclosure] Microsoft DNS resolver: deliberately
   sabotagedhosts-file lookup

Actually, according to microsoft, the dns client in XP was *intended* to
check to see if a dns lookup had failed earlier before going to the
hosts file.

We did ping the internal domain controller, added the bogus FQDN, and
tried again.  None of that worked, because prior to the VPN working, and
lookup of the domain controller had failed, and been cached.  So,
because the failiure was checked before the hosts file, once the VPN was
up, the dns lookups didn't work.

Oh yes, the XP install was factory Dell.


Download attachment "ReFull-disclosureMicrosoftDNSresolverdeliberatelysabotagedhosts-filelookup.eml" of type "message/rfc822" (2642 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ