[nSLUG] EastLink hijacking DNS

Dan Peterson dpiddy at gmail.com
Mon Nov 2 09:17:14 AST 2009


On Mon, Nov 2, 2009 at 9:06 AM, Dop Ganger <nslug at fop.ns.ca> wrote:
> Really? Is Eastlink's DNS returning something for, say, "host
> badnname.dns.com. 24.222.0.94" as well as "host
> baddnsname.dns.com.eastlink.ca 24.222.0.94"?
>
> Are you getting assigned different DNS servers by DHCP, perhaps? I'm
> assigned 24.222.0.94 and 24.222.0.95 and don't see this myself from either
> of those two servers.

I've been assigned .96 and .97. Like I said, I can't find where to opt
back in to test for sure. I thought when I discovered they were
hijacking that I tested with 'dig satoehuastoehu' or similar which
doesn't use search domains without '+search'. But it looks like I may
have used ping instead which would. So maybe it is based on searching
eastlink.ca.

Either way, not good. >_<

-Dan



More information about the nSLUG mailing list