So, when you type nslookup www.yourdomain.com at your computer, without an corresponding HTTP request, what does it do ?
If it resolves at all, then congratulations, you have a back channel via the BlackOps of DNS. On Fri, 2008-02-22 at 10:07 -0800, Alan wrote: > Right, but my internal DNS does not forward requests. It resolves for > mycorp.com and that's it. Everything else is dropped. > The only servers allowed to make outside lookups are the proxy > servers, > and they only make lookups on for http requests. > > Interesting all the same though, I wonder what it would do > performance-wise. > I'm going to have to play with it. > > -ajb -- ************************************************************ Michael J. McCafferty Principal, Security Engineer M5 Hosting http://www.m5hosting.com You can have your own custom Dedicated Server up and running today ! RedHat Enterprise, CentOS, Fedora, Debian, OpenBSD, FreeBSD, and more ************************************************************ -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
