DNS query GetHostByName double check (Happy Xmas)
Posted by paolo on 25 December, 2007
Happy Xmas to all!
I was showering some minutes ago. And I was thinking about the fact that “Security is an illusion”. Then I thought about the fact that the first entry in my resolv.conf is an OpenDNS IP and the second is the one of my ISP. So, if someone malicious gets into OpenDNS’ servers or my ISP’s ones, they can get a lot of information. There’s no doubt about it: getting into a DNS server is a big shot.
So, then, I thought about a hypothetical gethostbyname() that does n queries to the n DNS servers specified in the /etc/resolv.conf and tells me if there are differences.
Of course if I query about “yahoo.com”, I may get tons of different results, but if I query about small ISP’s services (or banks’) I’ll be glad to know if two DNS servers give me two different IPs.
Maybe I’m talking about “already in the wild” solutions? Or maybe this is the regular functioning of the OpenBSD’s gethostbyname? (Don’t think so).
I’m gonna check if I can do something on a Linux system first, or on a Bind installation, because maybe this work can be done via Bind, making it check other DNS servers’ replies.
Ok, sorry for that bullshit, today is Xmas here in Italy, so… happy Xmas again!
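
A sketch of the double-checking lookup described in this post, as an added example that is not the author's code: it reads the nameserver lines of resolv.conf, sends the same A query to each server over UDP, and reports whether the answer sets match. The function names are hypothetical, and it assumes IPv4 nameservers and replies that fit in a single UDP datagram.

```python
import secrets, socket, struct

def nameservers(resolv_conf_text):
    """nameserver entries from resolv.conf text, '#' comments ignored."""
    rows = (l.split("#")[0].split() for l in resolv_conf_text.splitlines())
    return [r[1] for r in rows if len(r) >= 2 and r[0] == "nameserver"]

def build_query(name, qid):
    """DNS query for the A record of name, recursion desired."""
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return struct.pack(">6H", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">2H", 1, 1)

def skip_name(msg, off):
    """Offset just past a name that may end in a compression pointer."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def a_records(msg):
    """Set of IPv4 addresses in the answer section of a DNS response."""
    qdcount, ancount = struct.unpack(">2H", msg[4:8])
    off, ips = 12, set()
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4            # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">2HIH", msg[off:off + 10])
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            ips.add(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return ips

def query(server, name, timeout=3.0):
    """Ask one server over UDP; reject replies whose ID does not match."""
    pkt = build_query(name, secrets.randbits(16))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))                  # kernel drops other sources
        s.send(pkt)
        resp = s.recv(4096)
    if resp[:2] != pkt[:2]:
        raise ValueError("DNS reply ID mismatch from " + server)
    return a_records(resp)

def double_check(name, servers, resolve=query):
    """Return (all_agree, {server: ips}) after asking every server."""
    answers = {s: frozenset(resolve(s, name)) for s in servers}
    return len(set(answers.values())) <= 1, answers
```

Call it as `double_check("host.example", nameservers(open("/etc/resolv.conf").read()))`. As the post notes for large sites, a mismatch is a reason to look closer rather than proof of tampering.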