From: Adam Carter <adamcarter3@gmail.com>
To: "gentoo-user@lists.gentoo.org" <gentoo-user@lists.gentoo.org>
Subject: Re: [gentoo-user] [OT] Mysterious vanishing of DNS entry of www.youtube.com...was I hacked?
Date: Wed, 11 Mar 2015 20:28:19 +1100 [thread overview]
Message-ID: <CAC=wYCGLHuiE8H44KSs9mz6wvytaez0hcUtETMJE+xG0oYkOFA@mail.gmail.com> (raw)
In-Reply-To: <54FF87F7.9010801@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 829 bytes --]
The second argument to both host and nslookup, specifies the server to use
for the lookup. So, you can compare the results of the DNS server specified
in /etc/resolv.conf, with others like those mentioned above, eg
host youtube.com 8.8.8.8
or
nslookup youtube.com 4.2.2.4
However, youtube.com will no doubt be using global server load balancing,
which means the DNS response will be based on the source IP address of the
DNS request, so you can be directed to the closest youtube.com server(s).
So, since you cant be sure the DNS results will be consistent across DNS
servers, you can't use that to determine if you're being MITM'd. Mind you I
don't think a non-targetted MITM would bother with someone's youtube
traffic, but if your concerned about that just connect to youtube with
https, so the certificate can be verified.
[-- Attachment #2: Type: text/html, Size: 1245 bytes --]
next prev parent reply other threads:[~2015-03-11 9:28 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-10 18:16 [gentoo-user] [OT] Mysterious vanishing of DNS entry of www.youtube.com...was I hacked? Meino.Cramer
2015-03-10 19:09 ` wabenbau
2015-03-10 19:14 ` J. Roeleveld
2015-03-10 19:35 ` wabenbau
2015-03-11 0:10 ` Justin Findlay
2015-03-11 9:28 ` Adam Carter [this message]
2015-03-11 22:31 ` wabenbau
2015-03-10 19:30 ` bitlord
2015-03-10 20:34 ` [gentoo-user] " James
2015-03-10 21:03 ` [gentoo-user] " Walter Dnes
2015-03-11 9:24 ` Peter Humphrey
2015-03-11 9:28 ` Stroller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAC=wYCGLHuiE8H44KSs9mz6wvytaez0hcUtETMJE+xG0oYkOFA@mail.gmail.com' \
--to=adamcarter3@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox