[ale] still trying to figure it out
Geoffrey
esoteric at 3times25.net
Thu Jul 31 20:53:42 EDT 2003
But I can get to it consistently from my firewall. It's anything that's
nat'ed that's having a problem.
David S. Jackson wrote:
> On Thu, Jul 31, 2003 at 05:25:47PM -0400 Geoffrey The Esoteric <esoteric at 3times25.net> wrote:
>
>>I'm still trying to figure out why I can not get to the web site
>>https://mybenefits.csplans.com/
>>
>>I was just looking at the output of tcpdump. When I connect
>>successfully from inside the dmz, I see a dns request and then a
>>response. When I attempt to connect from behind the dmz, I see a dns
>>request and 'no such name' error.
>>
>>Anyone have any idea how it is the data being passed to the dns server
>>would, in anyway get changed such that it can not locate the name? Both
>>queries hit the same name server.
>
>
> Well, I just checked the site, and it seems to be up for me.
>
> I just did a whois on csplans.com, and it looks like they're
> still messing with their dns records. The authoritative dns host
> is DNSJM1.CSPLANS.COM at 12.38.217.253, but look at this:
>
>
> Record expires on 30-Jun-2006.
> Record created on 22-Jul-2003.
> Database last updated on 31-Jul-2003 19:48:15 EDT.
>
> Are you responsible for all this work on the part of the DNS
> admins? :-)
>
> I just did a few dig and nslookup queries on dnsjm1.csplans.com,
> and all I get (for the most part) is "unspecified error", which
> means I think they're filtering the dns ports and not authorizing
> any sort of xfer to the likes of me. (Also that I don't know how
> to use the tools very well.)
>
> But it looks like something's amiss with the dns. If you do a
> traceroute mybenefits.csplans.com you wind up at 66.21.65.162 in
> 12 hops. If you do a nslookup on the same, you get 65.83.73.47.
> Same if you ping (udp is filtered). If you dig
> mybenefits.csplans.com, you wind up with an A record at
> 65.83.73.47. And it takes me 3713 msec, which seems like a long
> time. Also, you get some differences in output between
>
> dig @dnsjm1.csplans.com -t ANY csplans.com
> and
> dig @ns.bellsouth.net -t ANY csplans.com
>
> I wonder if csplans is running an older version of bind?
>
> Then again, DNS could be fine and somebody just kicked the plug
> out of the server the first time... :-)
>
--
Until later: Geoffrey esoteric at 3times25.net
The latest, most widespread virus? Microsoft end user agreement.
Think about it...
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list