Anyone else spotted that Someone Has Done Something Over The Weekend?
Using the LSN ep1 forwarders, I'm seeing nslookup returning queries as google.com.lincs.sch.uk (for example) and instead of a 404 for invalid domains, I'm getting an OpenDNS page with (among other things) pregnancy test adverts. Invalid URLS are all being redirected to 67.215.65.132 (OpenDNS).
Ticket is open, just wondering if anyone else has noticed it.
So Lincolnshire DNS uses OpenDNS for upstream queries? That's not exactly playing by the rules. OpenDNS will probably ban the forwarders as soon as they notice the traffic volumes.
No, it shouldn't be using it at all, hence the WTF? this morning.Originally Posted by Geoff
Don't know whether it's deliberate, a band-aid while they fix an underlying problem or a foul-up. All I know is that when I send an invalid domain to their DNS servers it sends a response that corresponds to the IP of an OpenDNS server.
Screen Shot 2012-11-19 at 14.02.54.png
Last edited by pete; 19th November 2012 at 02:06 PM.
Noticing the same thing here. Perhaps this was the temporary fix in response to the DDOS attack on tuesday.
Heard back - it's apparently a band-aid due to KCOM DNS being unreliable. Which KCOM will be fixing RealSoon (tm).
And this is still ongoing and causing issues with SSL requests ("I can't find that website, so I'll respond with an OpenDNS SSL cert, that's cool, right?")
Can other people start poking Mouchel and KCOM please, because this is silly now. Mouchel say it's a KCOM issue, so if that's the case others using KCOM DNS should be getting dodgy service as well.
Last edited by pete; 13th February 2013 at 05:22 PM.
Are the ports for DNS filtered? If not, don't use the forwarders?
They're not and that's my temporary workaround, but there's a fair bit of internal stuff that's not published to external DNS and it's not grouped in a manner that makes setting up exceptions for those things easy.
Intercept and redirect DNS traffic going to the LSN DNS servers at your network border to go somewhere else. Probably your main internal DNS forwarder that's talking to the root the DNS servers.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
