08-17-2012, 01:33 PM
|
| |
 Re: Windows XP Problem Seeing DNS Responses
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:yuadnb_yQpx72bPNnZ2dnUVZ_smdnZ2d@giganews.com ...
> From: "W" <persistentone@spamarrest.com>
>
> > On our Windows XP and Windows 2003 work computers, we are having some
kind
> > of DNS catastrophe. Clients get into a mode for five to 20 minutes at
a
> > time, during which they cannot *receive* responses from a DNS query.
> >
> > Put one sniffer on the client computer, and put a second sniffer on the
> > client network side of a firewall. The firewall sniffer sees the
> > following:
> >
> > client requests A record for host xyz from DNS server
> > client requests A record for host xyz from DNS server
> > client requests A record for host xyz from DNS server
> > ...
> > DNS server responds with IP for host xyz
> > DNS server responds with IP for host xyz
> > DNS server responds with IP for host xyz
> >
> > The DNS response seems to target the mac address of the correct client
> > computer.
> >
> > But run a sniffer on the client and what you see is only the request and
> > not
> > the DNS response!!! The client goes into a panic and starts to try to
> > grab
> > DNS records for domain, and basically nothing resolves. The client
> > computer is marooned.
> >
> > This is absolutely as bizarre a situation as I have seen. It literally
> > looks like the traffic is being shaped by something on the client, and
> > even
> > though there are responses to the DNS inquiries generated, the client
> > either
> > doesn't get them or doesn't process them.
> >
> > Is there any known issue with recent Windows Updates that might cause
this
> > problem? Does this sound like any known trojan?
> >
>
> Are you using AT&T ?
I guess I should make explicit that the DNS server I am referring to above
is our Windows 2003 domain controller, and the host XYZ referenced above is
our *internal* host.
There is no issue about resolving Internet hosts.
--
W
 |
Linear Mode
