Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is This Dns Cache Poisioning


  • Please log in to reply
4 replies to this topic

#1 dannyboy 950

dannyboy 950

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Local time:06:36 AM

Posted 09 November 2005 - 04:11 AM

While working on a connection problem, I checked my DNS cache this is what I found.
For the record I don't do adult sites.

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Owner>ipconfig

Windows IP Configuration


Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.100.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

C:\Documents and Settings\Owner>ipconfig /release

Windows IP Configuration


Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :

C:\Documents and Settings\Owner>ipconfig /renew

Windows IP Configuration


Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.100.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

C:\Documents and Settings\Owner>ipconfig ?

Error: unrecongnized or incomplete command line.

USAGE:
ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] ]

where
adapter Connection name
(wildcard characters * and ? allowed, see examples)

Options:
/? Display this help message
/all Display full configuration information.
/release Release the IP address for the specified adapter.
/renew Renew the IP address for the specified adapter.
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
/displaydns Display the contents of the DNS Resolver Cache.
/showclassid Displays all the dhcp class IDs allowed for adapter.
/setclassid Modifies the dhcp class id.

The default is to display only the IP address, subnet mask and
default gateway for each adapter bound to TCP/IP.

For Release and Renew, if no adapter name is specified, then the IP address
leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid, if no ClassId is specified, then the ClassId is removed.

Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"

C:\Documents and Settings\Owner>ipconfig /displaydns

Windows IP Configuration

httpwwwads.com
----------------------------------------
Record Name . . . . . : httpwwwads.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


.farse.com
----------------------------------------
Record Name . . . . . : .farse.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


spermatrix.com
----------------------------------------
Record Name . . . . . : spermatrix.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


213.131.225.2
----------------------------------------
Record Name . . . . . : 213.131.225.2
Record Type . . . . . : 1
Time To Live . . . . : 604800
Data Length . . . . . : 4
Section . . . . . . . : Question
A (Host) Record . . . : 213.131.225.2


adsonwww.com
----------------------------------------
Record Name . . . . . : adsonwww.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


sgrunt.biz
----------------------------------------
Record Name . . . . . : sgrunt.biz
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


sexy18.cc
----------------------------------------
Record Name . . . . . : sexy18.cc
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


sexpatriot.net
----------------------------------------
Record Name . . . . . : sexpatriot.net
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


scarypix.com
----------------------------------------
Record Name . . . . . : scarypix.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


topsitez.us
----------------------------------------
Record Name . . . . . : topsitez.us
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


mainstreamdollars.com
----------------------------------------
Record Name . . . . . : mainstreamdollars.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


zesearch.com
----------------------------------------
Record Name . . . . . : zesearch.com
Record Type . . . . . : 1
Time To Live . . . . : 601332
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


fionasteel.com
----------------------------------------
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1



C:\Documents and Settings\Owner>

BC AdBot (Login to Remove)

 


#2 dannyboy 950

dannyboy 950
  • Topic Starter

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Local time:06:36 AM

Posted 10 November 2005 - 01:56 AM

some additional info

Sorry I am late getting back on this havent been able to get online. Connection unable to establish a gateway and resolve dns. Kinda why I looked at my cache LOL.

I checked my hosts file I have about 300 entries in there, Iuse Spybots and hupguru's list.
Only a couple of the dns cache dump are in the hosts list.
I have checked the line from the house to the pole and the computer shows no problem. The icon shows the connection to be established with no problems reported by windows. Yet the modem wont stay lit up and It can't establish a gateway or connect but now and then.

Called RR but they show no problems am trying to get them to give me another modem. I also have tried 3 different nicks to no avail

#3 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:05:36 AM

Posted 10 November 2005 - 02:09 AM

You need to go into you NIC properties and enable "Obtain IP automaticly"
And "Obtain DNS automaticly".
Are you trying to run a static IP?
"2007 & 2008 Windows Shell/User Award"

#4 dannyboy 950

dannyboy 950
  • Topic Starter

  • Members
  • 148 posts
  • OFFLINE
  •  
  • Local time:06:36 AM

Posted 11 November 2005 - 07:02 PM

I have the nic configured to obtain IP and DNS automatically.
No this comp is not on a static IP.

Thanks for the suggestions tho. I am leaning towards a failing modem it is 4 yrs old after all LOL.

Itried 3 different nic's and 2 other computers. All have had the same problem. Connection is lost intermittantly and it then can't establish a gateway or resolve DNS altho the icon posts a message it is connected and windows reports no problem with the connection.

#5 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:05:36 AM

Posted 11 November 2005 - 08:12 PM

It could be something as simple as bad POTS (Plain Old Telephone Service) wiring. Father-in-law had a problem with his wire. We jumped it to the POTS service box and wired it straight and it resolved the problem. The teleco came out and ran new service from the street to the service box, replaced the service box, and to his DSL modem.
"2007 & 2008 Windows Shell/User Award"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users