Paolo Gabrielli\’s Blog

Just another near empty WordPress.com’s weblog. But this is from Paolo ‘pkirk’ Gabrielli.

DNS query GetHostByName double check (Happy Xmas)

Posted by paolo on 25 December, 2007

Happy Xmas to all!

I was showering some minutes ago. And I was thinking about the fact that “Security is an illusion”. Then I thinked about the fact that the first entry in my resolv.conf is an OpenDNS IP and the second is the one of my ISP. So, if someone malicious get into OpenDNS’ servers or my ISP’s ones, they can get a lot of informations. That’s no doubt about it: getting into a DNS server is a big shot.
So, then, I thinked about an ipotetical gethostbyname() that does n queries to the n DNS servers specified in the /etc/resolv.conf and tell me if there are differences.
Of course if I query about “yahoo.com”, I may get tons of different results, but if I query about small ISP’s services (or banks’) I’ll be glad knowing if two DNS servers give me two differents IPs.
Maybe I’m talking about “already in the wild” solutions? Or maybe this is the regular functioning of the OpenBSD’s gethostbyname? (Don’t think so).
I’m gonna check if I can do something on a Linux system first, or on a Bind installation, because maybe this work can be done via Bind, making it checking others DNS’ replies.

Ok, sorry for that bullshit, today is Xmas here in Italy, so… happy Xmas again!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: