[36023] in bugtraq
Re: International DNS compromise?
daemon@ATHENA.MIT.EDU (Rio Martin.)
Sat Aug 7 09:49:29 2004
From: "Rio Martin." <rio@martin.mu>
To: bugtraq@securityfocus.com
Date: Fri, 6 Aug 2004 12:15:40 +0700
In-Reply-To: <200408051749.i75HndsK009720@plug.fi>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200408061215.40670.rio@martin.mu>
On 06 August 2004 am 00:49, Troy wrote:
> It's probably the ISP you are using.
> They are intercepting DNS requests and returning their
> own replies. It could be something malicious, but it could
> just as well be the ISP saving bandwidth by caching DNS queries.
> If they cache DNS queries they probably cache www queries as
> well. This is very common among ISPs outside the U.S., since
> traffic out of the country tends to be a lot more expensive
> than domestic traffic.
> DNS is only as trustworthy as the companies who control
> your network and those networks connected to it. The same
> is true in China and everywhere else, including the U.S.
> Troy
Or perhaps they are one of 'Akamai likes' members.
We could see them running lots of servers while those servers actually just a
cache server to perform load balance.
- Rio.Martin -
