On Wed, Jul 14, 2010 at 10:23 PM, <[email protected]> wrote: > >> while the sensible thing would be to implement it using dnses, this is >> not how they've done it. The magic is in the proxy. And just for the >> record, it wouldnt be just typos that would end up getting caught. If >> you thought a company had a ".com.sg" (not exactly a typo in the sense >> of somebody "never" doing it!) but they didnt, you would get the page >> too. > > That can't be (wholly) right. Starhub operates a transparent proxy. If you > can't resolve the invalid hostname to an IP address, you wouldn't even be > able to connect to the website's IP and the transparent proxy never comes > into play. >
oh yeah u're right! That would sound logical. Except what happened that led me to my conclusion. Basically, I could not resolve the ip at the command line - but if i i tried keying in that same address in the browser, I would get to the "helpful" page??? some funkiness there indeed. So finally decided to do some sniffing, and yes, there is "magic" in the dns... Goes like this: ============= cat /etc/resolv.conf # Generated by NetworkManager domain local search local nameserver 218.186.1.38 nameserver 202.156.1.48 ======== 3 tries of (in my case) 'samsung.com.sg' before going for 'samsung.com.sg.local' 21:10:23.183582 IP x.x.x.x.46328 > 218.186.1.38.53: 19239+ A? samsung.com.sg. (32) 21:10:23.198872 IP 218.186.1.38.53 > x.x.x.x.46328: 19239 ServFail 0/0/0 (32) 21:10:23.199158 IP x.x.x.x.38995 > 202.156.1.48.53: 19239+ A? samsung.com.sg. (32) 21:10:23.226096 IP 202.156.1.48.53 > x.x.x.x.38995: 19239 ServFail 0/0/0 (32) 21:10:23.236542 IP x.x.x.x.36645 > 218.186.1.38.53: 19239+ A? samsung.com.sg. (32) 21:10:23.258488 IP 218.186.1.38.53 > x.x.x.x.36645: 19239 ServFail 0/0/0 (32) 21:10:23.265708 IP x.x.x.x.57413 > 202.156.1.48.53: 19239+ A? samsung.com.sg. (32) 21:10:23.297979 IP 202.156.1.48.53 > x.x.x.x.57413: 19239 ServFail 0/0/0 (32) 21:10:23.300742 IP x.x.x.x.33393 > 218.186.1.38.53: 11158+ A? samsung.com.sg.local. (38) 21:10:23.606917 IP 218.186.1.38.53 > x.x.x.x.33393: 11158 1/0/0 (74) Get an ip of our "magic server" (204.232.231.43). Browser connects with hostname 'samsung.com.sg', and is 302 redirected to Location: http://search.maxonline.com.sg/index.php?origURL=http://samsung.com.sg/ -jf -- "Every nonfree program has a lord, a master -- and if you use the program, he is your master." --Richard Stallman "It's so hard to write a graphics driver that open-sourcing it would not help." -- Andrew Fear, Software Product Manager, NVIDIA Corporation http://kerneltrap.org/node/7228 _______________________________________________ LUGS Mailing list - [email protected] List FAQ: http://wiki.lugs.org.sg/LugsMailingListFaq Info page: http://www.lugs.org.sg/mailman/listinfo/slugnet To unsubscribe send an empty email to: [email protected]
