DNS Settings

  • Thread starter Thread starter John
  • Start date Start date
J

John

Guest
Multiple DNS implementations vulnerable to cache poisoning
http://www.kb.cert.org/vuls/id/800113

In response to the above security vulnerability, I'm trying to manually
configure WinXP machine to query OpenDNS servers (or any other DNS server
that's been patched).

I'm doing this because the WinXP machine is currently using ISP DNS server
and they haven't done anything to fix the problem. I doubt they will patch
their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
country).

If I configure my TCP/IP settings to use primary/secondary DNS from OpenDNS,
what will happen? Will XP 'ask' primary DNS and if that fails, XP then 'ask'
secondary DNS? If both fail, will I get "unknown URL" message?

Does anyone know how WinXP DNS resolution behave? I'd like to be sure that
my WinXP machine only queries DNS servers that I tell it to use. I don't
want it to failover to some unpatched DNS servers out there on the web and
get a bogus result.

Thanks.
 
Re: DNS Settings

Try asking your questions here instead: http://forums.opendns.com/
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

John wrote:
> Multiple DNS implementations vulnerable to cache poisoning
> http://www.kb.cert.org/vuls/id/800113
>
> In response to the above security vulnerability, I'm trying to manually
> configure WinXP machine to query OpenDNS servers (or any other DNS server
> that's been patched).
>
> I'm doing this because the WinXP machine is currently using ISP DNS server
> and they haven't done anything to fix the problem. I doubt they will patch
> their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
> country).
>
> If I configure my TCP/IP settings to use primary/secondary DNS from
> OpenDNS,
> what will happen? Will XP 'ask' primary DNS and if that fails, XP then
> 'ask'
> secondary DNS? If both fail, will I get "unknown URL" message?
>
> Does anyone know how WinXP DNS resolution behave? I'd like to be sure that
> my WinXP machine only queries DNS servers that I tell it to use. I don't
> want it to failover to some unpatched DNS servers out there on the web and
> get a bogus result.
>
> Thanks.
 
Re: DNS Settings

Thanks but this is actually WinXP question. I'd like to know how WinXP name
resolution works.


"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:uZSaMzA9IHA.2060@TK2MSFTNGP02.phx.gbl...
> Try asking your questions here instead: http://forums.opendns.com/
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
> John wrote:
>> Multiple DNS implementations vulnerable to cache poisoning
>> http://www.kb.cert.org/vuls/id/800113
>>
>> In response to the above security vulnerability, I'm trying to manually
>> configure WinXP machine to query OpenDNS servers (or any other DNS server
>> that's been patched).
>>
>> I'm doing this because the WinXP machine is currently using ISP DNS
>> server
>> and they haven't done anything to fix the problem. I doubt they will
>> patch
>> their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
>> country).
>>
>> If I configure my TCP/IP settings to use primary/secondary DNS from
>> OpenDNS,
>> what will happen? Will XP 'ask' primary DNS and if that fails, XP then
>> 'ask'
>> secondary DNS? If both fail, will I get "unknown URL" message?
>>
>> Does anyone know how WinXP DNS resolution behave? I'd like to be sure
>> that
>> my WinXP machine only queries DNS servers that I tell it to use. I don't
>> want it to failover to some unpatched DNS servers out there on the web
>> and
>> get a bogus result.
>>
>> Thanks.

>
 
Re: DNS Settings

Entire careers have been based on this topic, John.

Start here: http://technet.microsoft.com/en-us/library/cc307741.aspx

Also see http://technet.microsoft.com/en-us/bb457156.aspx

How to troubleshoot TCP/IP connectivity with Windows XP:
http://support.microsoft.com/kb/314067
--
~PA Bear


John wrote:
> Thanks but this is actually WinXP question. I'd like to know how WinXP
> name
> resolution works.
>
>> Try asking your questions here instead: http://forums.opendns.com/
>>
>> John wrote:
>>> Multiple DNS implementations vulnerable to cache poisoning
>>> http://www.kb.cert.org/vuls/id/800113
>>>
>>> In response to the above security vulnerability, I'm trying to manually
>>> configure WinXP machine to query OpenDNS servers (or any other DNS
>>> server
>>> that's been patched).
>>>
>>> I'm doing this because the WinXP machine is currently using ISP DNS
>>> server
>>> and they haven't done anything to fix the problem. I doubt they will
>>> patch
>>> their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
>>> country).
>>>
>>> If I configure my TCP/IP settings to use primary/secondary DNS from
>>> OpenDNS,
>>> what will happen? Will XP 'ask' primary DNS and if that fails, XP then
>>> 'ask'
>>> secondary DNS? If both fail, will I get "unknown URL" message?
>>>
>>> Does anyone know how WinXP DNS resolution behave? I'd like to be sure
>>> that
>>> my WinXP machine only queries DNS servers that I tell it to use. I don't
>>> want it to failover to some unpatched DNS servers out there on the web
>>> and
>>> get a bogus result.
>>>
>>> Thanks.
 
Re: DNS Settings

https://www.opendns.com/start?device=windows-xp

--
Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com

"John" <a> wrote in message news:%23GkFJu$8IHA.4088@TK2MSFTNGP03.phx.gbl...
> Multiple DNS implementations vulnerable to cache poisoning
> http://www.kb.cert.org/vuls/id/800113
>
> In response to the above security vulnerability, I'm trying to manually
> configure WinXP machine to query OpenDNS servers (or any other DNS server
> that's been patched).
>
> I'm doing this because the WinXP machine is currently using ISP DNS server
> and they haven't done anything to fix the problem. I doubt they will patch
> their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
> country).
>
> If I configure my TCP/IP settings to use primary/secondary DNS from
> OpenDNS, what will happen? Will XP 'ask' primary DNS and if that fails, XP
> then 'ask' secondary DNS? If both fail, will I get "unknown URL" message?
>
> Does anyone know how WinXP DNS resolution behave? I'd like to be sure that
> my WinXP machine only queries DNS servers that I tell it to use. I don't
> want it to failover to some unpatched DNS servers out there on the web and
> get a bogus result.
>
> Thanks.
>
 
Re: DNS Settings

Thanks.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:OSk3vVB9IHA.5700@TK2MSFTNGP02.phx.gbl...
> Entire careers have been based on this topic, John.
>
> Start here: http://technet.microsoft.com/en-us/library/cc307741.aspx
>
> Also see http://technet.microsoft.com/en-us/bb457156.aspx
>
> How to troubleshoot TCP/IP connectivity with Windows XP:
> http://support.microsoft.com/kb/314067
> --
> ~PA Bear
>
>
> John wrote:
>> Thanks but this is actually WinXP question. I'd like to know how WinXP
>> name
>> resolution works.
>>
>>> Try asking your questions here instead: http://forums.opendns.com/
>>>
>>> John wrote:
>>>> Multiple DNS implementations vulnerable to cache poisoning
>>>> http://www.kb.cert.org/vuls/id/800113
>>>>
>>>> In response to the above security vulnerability, I'm trying to manually
>>>> configure WinXP machine to query OpenDNS servers (or any other DNS
>>>> server
>>>> that's been patched).
>>>>
>>>> I'm doing this because the WinXP machine is currently using ISP DNS
>>>> server
>>>> and they haven't done anything to fix the problem. I doubt they will
>>>> patch
>>>> their DNS servers at anytime soon (I'm talking about ISP in a 3rd world
>>>> country).
>>>>
>>>> If I configure my TCP/IP settings to use primary/secondary DNS from
>>>> OpenDNS,
>>>> what will happen? Will XP 'ask' primary DNS and if that fails, XP then
>>>> 'ask'
>>>> secondary DNS? If both fail, will I get "unknown URL" message?
>>>>
>>>> Does anyone know how WinXP DNS resolution behave? I'd like to be sure
>>>> that
>>>> my WinXP machine only queries DNS servers that I tell it to use. I
>>>> don't
>>>> want it to failover to some unpatched DNS servers out there on the web
>>>> and
>>>> get a bogus result.
>>>>
>>>> Thanks.

>
 
Re: DNS Settings

I know where the settings are located but thanks anyway for the article.

"Gary S. Terhune" <none> wrote in message
news:uQPcpZB9IHA.1428@TK2MSFTNGP06.phx.gbl...
> https://www.opendns.com/start?device=windows-xp
>
> --
> Gary S. Terhune
> MS-MVP Shell/User
> http://grystmill.com
>
> "John" <a> wrote in message
> news:%23GkFJu$8IHA.4088@TK2MSFTNGP03.phx.gbl...
>> Multiple DNS implementations vulnerable to cache poisoning
>> http://www.kb.cert.org/vuls/id/800113
>>
>> In response to the above security vulnerability, I'm trying to manually
>> configure WinXP machine to query OpenDNS servers (or any other DNS server
>> that's been patched).
>>
>> I'm doing this because the WinXP machine is currently using ISP DNS
>> server and they haven't done anything to fix the problem. I doubt they
>> will patch their DNS servers at anytime soon (I'm talking about ISP in a
>> 3rd world country).
>>
>> If I configure my TCP/IP settings to use primary/secondary DNS from
>> OpenDNS, what will happen? Will XP 'ask' primary DNS and if that fails,
>> XP then 'ask' secondary DNS? If both fail, will I get "unknown URL"
>> message?
>>
>> Does anyone know how WinXP DNS resolution behave? I'd like to be sure
>> that my WinXP machine only queries DNS servers that I tell it to use. I
>> don't want it to failover to some unpatched DNS servers out there on the
>> web and get a bogus result.
>>
>> Thanks.
>>

>
>
 
Re: DNS Settings

Yeah, I realized that after I sent, but I was on my way out the door. And
while I don't know how DNS requests get handled after those two are tried
(look for another DNS server of display "Can't be found" error?) it did
occur to me as I was riding down the road that if you have broadband, you'll
also want to check the settings in the modem and/or router (or whatever you
have) to see that all of their DNS settings are also set to OpenDNS servers.
If your XP doesn't stop after the secondary DNS in TCP/IP settings, the next
place I would bet it looks is the default gateway, which gets its DNS data
from the ISP.

--
Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com

"John" <a> wrote in message news:uX5PQTC9IHA.4608@TK2MSFTNGP06.phx.gbl...
>I know where the settings are located but thanks anyway for the article.
>
> "Gary S. Terhune" <none> wrote in message
> news:uQPcpZB9IHA.1428@TK2MSFTNGP06.phx.gbl...
>> https://www.opendns.com/start?device=windows-xp
>>
>> --
>> Gary S. Terhune
>> MS-MVP Shell/User
>> http://grystmill.com
>>
>> "John" <a> wrote in message
>> news:%23GkFJu$8IHA.4088@TK2MSFTNGP03.phx.gbl...
>>> Multiple DNS implementations vulnerable to cache poisoning
>>> http://www.kb.cert.org/vuls/id/800113
>>>
>>> In response to the above security vulnerability, I'm trying to manually
>>> configure WinXP machine to query OpenDNS servers (or any other DNS
>>> server that's been patched).
>>>
>>> I'm doing this because the WinXP machine is currently using ISP DNS
>>> server and they haven't done anything to fix the problem. I doubt they
>>> will patch their DNS servers at anytime soon (I'm talking about ISP in a
>>> 3rd world country).
>>>
>>> If I configure my TCP/IP settings to use primary/secondary DNS from
>>> OpenDNS, what will happen? Will XP 'ask' primary DNS and if that fails,
>>> XP then 'ask' secondary DNS? If both fail, will I get "unknown URL"
>>> message?
>>>
>>> Does anyone know how WinXP DNS resolution behave? I'd like to be sure
>>> that my WinXP machine only queries DNS servers that I tell it to use. I
>>> don't want it to failover to some unpatched DNS servers out there on the
>>> web and get a bogus result.
>>>
>>> Thanks.
>>>

>>
>>

>
>
 
Back
Top