blu.org wiki
|
View:
New views
7 Messages
—
Rating Filter:
Alert me
|
 |
odd behavior from cygwin.com
by Stephen Adler
::
Rate this Message:
[adler@basement00 ~]$ nslookup cygwin.com
;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 ;; Warning: ID mismatch: expected ID 31756, got 9974 Server: 68.87.71.226 Address: 68.87.71.226#53 Non-authoritative answer: Name: cygwin.com Address: 209.132.176.174 ------------------ Guys, I got the above response from looking up cygwin.com. I'm trying to download the software, but the website seems to be down. After poking around a bit, it looks like there is a dns problem. But the above error message gives me the creeps. Should I worry about it? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Gregory Boyce-3
::
Rate this Message:
On Thu, 26 Jun 2008, Stephen Adler wrote:
> [adler@basement00 ~]$ nslookup cygwin.com > ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 > ;; Warning: ID mismatch: expected ID 31756, got 9974 > Server: 68.87.71.226 > Address: 68.87.71.226#53 It looks like you queried against one Comcast nameserver, and got a response from a different one. Perhaps a system with multiple IP addresses which was a bit confused? > Non-authoritative answer: > Name: cygwin.com > Address: 209.132.176.174 > My nameserver gives the same answer, so the problem does not appear to be malicious. > ------------------ > > Guys, I got the above response from looking up cygwin.com. I'm trying to > download the software, but the website seems to be down. After poking around > a bit, it looks like there is a dns problem. But the above error message > gives me the creeps. Should I worry about it? The website seems to be up for me. Are you still unable to get to it? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Dan Ritter-2
::
Rate this Message:
On Thu, Jun 26, 2008 at 01:30:58PM -0400, Stephen Adler wrote:
> [adler@basement00 ~]$ nslookup cygwin.com > ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 > ;; Warning: ID mismatch: expected ID 31756, got 9974 > Server: 68.87.71.226 > Address: 68.87.71.226#53 > > Non-authoritative answer: > Name: cygwin.com > Address: 209.132.176.174 > > ------------------ > > Guys, I got the above response from looking up cygwin.com. I'm trying to > download the software, but the website seems to be down. After poking > around a bit, it looks like there is a dns problem. But the above error > message gives me the creeps. Should I worry about it? dsr@tao:~$ dig cygwin.com ; <<>> DiG 9.3.4 <<>> cygwin.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4149 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;cygwin.com. IN A ;; ANSWER SECTION: cygwin.com. 43200 IN A 209.132.176.174 ;; Query time: 96 msec ;; SERVER: 4.2.2.1#53(4.2.2.1) ;; WHEN: Thu Jun 26 13:44:58 2008 ;; MSG SIZE rcvd: 44 Looks fine to me. The webpage comes up fine, too. -dsr- -- http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference. When freedom gets lots of exercise, it protects itself. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Matthew Gillen
::
Rate this Message:
Stephen Adler wrote:
> [adler@basement00 ~]$ nslookup cygwin.com > ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 > ;; Warning: ID mismatch: expected ID 31756, got 9974 > Server: 68.87.71.226 > Address: 68.87.71.226#53 > > Non-authoritative answer: > Name: cygwin.com > Address: 209.132.176.174 > > ------------------ > > Guys, I got the above response from looking up cygwin.com. I'm trying to > download the software, but the website seems to be down. After poking > around a bit, it looks like there is a dns problem. But the above error > message gives me the creeps. Should I worry about it? Can't say I've ever seen that before. Looks like your local DNS servers are doing something screwy, like answering each other's queries. The address for cygwin.com is correct though. Here's what I get from nslookup/dig on my home computer (I get the same response from my work machine): ------------------------------------- $ nslookup cygwin.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: cygwin.com Address: 209.132.176.174 $ dig cygwin.com ; <<>> DiG 9.5.0rc1 <<>> cygwin.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4884 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;cygwin.com. IN A ;; ANSWER SECTION: cygwin.com. 43200 IN A 209.132.176.174 ;; AUTHORITY SECTION: cygwin.com. 42909 IN NS dns.airs.com. cygwin.com. 42909 IN NS server1.sourceware.org. ;; ADDITIONAL SECTION: dns.airs.com. 42910 IN A 71.133.8.30 server1.sourceware.org. 42909 IN A 209.132.176.174 ;; Query time: 182 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Jun 26 13:45:09 2008 ;; MSG SIZE rcvd: 135 ------------------------------------- HTH, Matt -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Stephen Adler
::
Rate this Message:
Thanks guys,
I'm able to get to the website now. There must have been a disturbance in DNS space which kept me from getting to the web site. Cheers. Steve. Dan Ritter wrote: > On Thu, Jun 26, 2008 at 01:30:58PM -0400, Stephen Adler wrote: > >> [adler@basement00 ~]$ nslookup cygwin.com >> ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 >> ;; Warning: ID mismatch: expected ID 31756, got 9974 >> Server: 68.87.71.226 >> Address: 68.87.71.226#53 >> >> Non-authoritative answer: >> Name: cygwin.com >> Address: 209.132.176.174 >> >> ------------------ >> >> Guys, I got the above response from looking up cygwin.com. I'm trying to >> download the software, but the website seems to be down. After poking >> around a bit, it looks like there is a dns problem. But the above error >> message gives me the creeps. Should I worry about it? >> > > dsr@tao:~$ dig cygwin.com > > ; <<>> DiG 9.3.4 <<>> cygwin.com > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4149 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, > ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;cygwin.com. IN A > > ;; ANSWER SECTION: > cygwin.com. 43200 IN A 209.132.176.174 > > ;; Query time: 96 msec > ;; SERVER: 4.2.2.1#53(4.2.2.1) > ;; WHEN: Thu Jun 26 13:44:58 2008 > ;; MSG SIZE rcvd: 44 > > Looks fine to me. The webpage comes up fine, too. > > -dsr- > > > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Matthew Gillen
::
Rate this Message:
Stephen Adler wrote:
> [adler@basement00 ~]$ nslookup cygwin.com > ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 Incidentally, both those IP addresses are what I have as Comcast's DNS entries for DHCP clients. It might be that one was really slow to respond (.73.242), and your machine re-issued the request to the next guy (.71.226), and finally got a response from the first one. Does it happen repeatedly? Or was it a one-time thing? Matt -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
|
|
Re: odd behavior from cygwin.com
by Kristian Erik Hermansen
::
Rate this Message:
Black hats have been poisoning comcast dns servers for years. Seriously...
On 6/26/08, Matthew Gillen <me@...> wrote: > Stephen Adler wrote: >> [adler@basement00 ~]$ nslookup cygwin.com >> ;; reply from unexpected source: 68.87.71.226#53, expected 68.87.73.242#53 > > Incidentally, both those IP addresses are what I have as Comcast's DNS > entries > for DHCP clients. It might be that one was really slow to respond > (.73.242), > and your machine re-issued the request to the next guy (.71.226), and > finally > got a response from the first one. > > Does it happen repeatedly? Or was it a one-time thing? > > Matt > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > Discuss mailing list > Discuss@... > http://lists.blu.org/mailman/listinfo/discuss > -- Sent from Gmail for mobile | mobile.google.com Kristian Erik Hermansen -- CISSP, CEPT, CREA, CEH, Linux+, A+, QGCS, ACSA, this is getting ridiculous... http://kristian-hermansen.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list Discuss@... http://lists.blu.org/mailman/listinfo/discuss |
| Free Forum Powered by Nabble | Forum Help |
