DNS Randomness Test

Posted: 07-28-2008, 01:39 PM
"The test takes a few seconds to complete. When its done you'll see a page
where the transaction ID and source port randomness will be rated either
GREAT, GOOD, or POOR. If you see a POOR rating, we recommend that contact
your ISP and ask if they have plans to upgrade their nameserver software
before August 7th."
https://www.dns-oarc.net/oarc/services/dnsentropy

DNS Randomness Test


Responses to "DNS Randomness Test"

Twayne
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-28-2008, 04:18 PM
> "The test takes a few seconds to complete. When its done you'll see a
> page where the transaction ID and source port randomness will be
> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
> recommend that contact your ISP and ask if they have plans to upgrade
> their nameserver software before August 7th."
Umm, I'd beware any stranger offering advice in case that appeals to
you. It's outright spam to begin with and of no known value or
recognition otherwise. It's designed to make you curious and want to
visit that URL where who knows what might go on? It'd be funny if it
weren't so stupid!



Geoff
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-28-2008, 05:11 PM
On Mon, 28 Jul 2008 12:18:10 -0400, "Twayne" <nobody@devnull.spamcop.net>
wrote:
>> "The test takes a few seconds to complete. When its done you'll see a
>> page where the transaction ID and source port randomness will be
>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>> recommend that contact your ISP and ask if they have plans to upgrade
>> their nameserver software before August 7th."
>
>Umm, I'd beware any stranger offering advice in case that appeals to
>you. It's outright spam to begin with and of no known value or
>recognition otherwise. It's designed to make you curious and want to
>visit that URL where who knows what might go on? It'd be funny if it
>weren't so stupid!
>
>
As an advisory it lacks any real information. This is supposed to be an
advisory about the Kaminsky DNS vulnerability but is of limited use to end
users other than to generate grass roots movement from users to get ISP's
to upgrade their DNS code.

The full text of the dns-oarc.net page follows:

----------------------

US-CERT's Vulnerability Note VU#800113 describes deficiencies in the DNS
protocol and implementations that can facilitate cache poisoning attacks.
The answers from a poisoned nameserver cannot be trusted. You may be
redirected to malicious web sites that will try to steal your identity or
infect your computers with malware. On August 7, 2008, Dan Kaminsky will
release the details of how such attacks can be launched against vulnerable
DNS resolvers.

The essence of the problem is that DNS resolvers don't always use enough
randomness in their transaction IDs and query source ports. Increasing the
amount of randomness increases the difficulty of a successful poisoning
attack.

This page exists to help you learn if your ISP's nameservers are vulnerable
to this type of attack. If you click on the button below, we will test the
randomness of your ISP DNS resolver.


The test takes a few seconds to complete. When its done you'll see a page
where the transaction ID and source port randomness will be rated either
GREAT, GOOD, or POOR. If you see a POOR rating, we recommend that contact
your ISP and ask if they have plans to upgrade their nameserver software
before August 7th.

See porttest for another way to check your resolver from a Unix
commandline.

----------------------

See also: http://www.kb.cert.org/vuls/id/800113
David H. Lipman
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-28-2008, 08:30 PM
From: "Twayne" <nobody@devnull.spamcop.net>
>> "The test takes a few seconds to complete. When its done you'll see a
>> page where the transaction ID and source port randomness will be
>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>> recommend that contact your ISP and ask if they have plans to upgrade
>> their nameserver software before August 7th."
| Umm, I'd beware any stranger offering advice in case that appeals to
| you. It's outright spam to begin with and of no known value or
| recognition otherwise. It's designed to make you curious and want to
| visit that URL where who knows what might go on? It'd be funny if it
| weren't so stupid!



No. Both Kayman and the site are legitimate and most importantly this is a good test
concerning the US CERT
Vulnerability Note VU#800113

Reference:
http://www.kb.cert.org/vuls/id/800113

This is NOT spam!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


Lon
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 01:14 AM
Twayne wrote:
>> "The test takes a few seconds to complete. When its done you'll see a
>> page where the transaction ID and source port randomness will be
>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>> recommend that contact your ISP and ask if they have plans to upgrade
>> their nameserver software before August 7th."
https://www.dns-oarc.net/oarc/services/dnsentropy
>
> Umm, I'd beware any stranger offering advice in case that appeals to
> you. It's outright spam to begin with and of no known value or
> recognition otherwise. It's designed to make you curious and want to
> visit that URL where who knows what might go on? It'd be funny if it
> weren't so stupid!
>
>
>
I'd also beware of self appointed security experts who do not recognize
the site www.dns-oarc.net.
FromTheRafters
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 01:24 AM

"Lon" <lon.stowell@comcast.net> wrote in message
news:79Kdne3O09h_8xPVnZ2dnUVZ_hjinZ2d@comcast.com. ..
> Twayne wrote:
>>> "The test takes a few seconds to complete. When its done you'll see a
>>> page where the transaction ID and source port randomness will be
>>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>>> recommend that contact your ISP and ask if they have plans to upgrade
>>> their nameserver software before August 7th."
> https://www.dns-oarc.net/oarc/services/dnsentropy
>>
>> Umm, I'd beware any stranger offering advice in case that appeals to you.
>> It's outright spam to begin with and of no known value or recognition
>> otherwise. It's designed to make you curious and want to visit that URL
>> where who knows what might go on? It'd be funny if it weren't so stupid!
>>
>>
>>
> I'd also beware of self appointed security experts who do not recognize
> the site www.dns-oarc.net.
But how do we know that clicking that link will actually
resolve to that (considering the topic) legitimate site? :O)

URL's are not dangerous, however the software you run to
access them may well be.


Lon
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 01:53 AM
FromTheRafters wrote:
> "Lon" <lon.stowell@comcast.net> wrote in message
> news:79Kdne3O09h_8xPVnZ2dnUVZ_hjinZ2d@comcast.com. ..
>> Twayne wrote:
>>>> "The test takes a few seconds to complete. When its done you'll see a
>>>> page where the transaction ID and source port randomness will be
>>>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>>>> recommend that contact your ISP and ask if they have plans to upgrade
>>>> their nameserver software before August 7th."
>> https://www.dns-oarc.net/oarc/services/dnsentropy
>>> Umm, I'd beware any stranger offering advice in case that appeals to you.
>>> It's outright spam to begin with and of no known value or recognition
>>> otherwise. It's designed to make you curious and want to visit that URL
>>> where who knows what might go on? It'd be funny if it weren't so stupid!
>>>
>>>
>>>
>> I'd also beware of self appointed security experts who do not recognize
>> the site www.dns-oarc.net.
>
> But how do we know that clicking that link will actually
> resolve to that (considering the topic) legitimate site? :O)
Klothnet nslookup if your software doesn't display the full encoded
url on mouseover.
>
> URL's are not dangerous, however the software you run to
> access them may well be.
Most of the problems are just above and behind the keyboard.



Twayne
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 03:31 AM
f'ups set to msp sec... .virus to save gas, I mean, ether.
> Twayne wrote:
>>> "The test takes a few seconds to complete. When its done you'll see
>>> a page where the transaction ID and source port randomness will be
>>> rated either GREAT, GOOD, or POOR. If you see a POOR rating, we
>>> recommend that contact your ISP and ask if they have plans to
>>> upgrade their nameserver software before August 7th."
> https://www.dns-oarc.net/oarc/services/dnsentropy
>>
>> Umm, I'd beware any stranger offering advice in case that appeals to
>> you. It's outright spam to begin with and of no known value or
>> recognition otherwise. It's designed to make you curious and want to
>> visit that URL where who knows what might go on? It'd be funny if it
>> weren't so stupid!
>>
>>
>>
> I'd also beware of self appointed security experts who do not
> recognize the site www.dns-oarc.net.


None the less, it is spam and as such is subject to all the things spam
is worthy of: nothing. I repeat: "It's designed to make you curious
and want to
>> visit that URL where who knows what might go on? It'd be funny if it
>> weren't so stupid!"
Spam is spam and you are a spammer.
And speaking of "experts", you seem totally unaware that spam isn't
acceptable, and also that redirections are easy. If you think that URL
is so well known, you have another think coming. It is NOT a recognized
web site for security aspects. In fact:

It's blacklisted at APEWS-L1: (SPEWS replacement)
-----------------------------------------------
http://openrbl.org/client/#www.dns-oarc.net
APEWS_L1 - Anon PM Early Warning System - Level 1
RHS: Spamvertized Domains and alike_
homepagehttp://apews.org/
typeHOST (RHS) Blacklist
zonel1.apews.rhsbl.uceprotect.net [Wiki]
statusBlocklisted at l1.apews.rhsbl.uceprotect.net
-----------------------------------------------
WAS recently listed at SORBS,
----------------------------------------------
and is mired in a long list of AS horizontals and verticals that most
would only use for the purpose of making it difficult to trace them
specifically. Hmm, now who would want that? Oh! I know! Spammers!

lookuphttp://apews.org/?page=test&ip=www.dns-oarc.net
http://www.uceprotect.net/en/apews.html

public.dns-oarc.net

public.dns-oarc.net has one IP record . www.dns-oarc.net point
to the same IP.
network-scanner-230-for-more-info-see.public.dns-oarc.net and
network-scanner-224-for-more-info-see.public.dns-oarc.net are subdomains
to this hostname.
baserecordnameipreverserouteas
public.dns-oarc.neta149.20.58.8www.dns-oarc.net149.20.0.0/16 AS1280
project netblockAS1280 ISC AS1280 Internet Systems Consortium, Inc
dns-oarc.netnshq-ns.oarc.isc.org204.152.184.186hq-ns.oarc.isc.org204.152.184.0/21
ns-ext.isc.org204.152.184.64ns-ext.isc.org
ns-ext.nrt1.isc.org192.228.90.19ns-ext.nrt1.isc.org192.228.90.0/24
Internet Software ConsortiumAS2500 WIDE Project in Japan
ns-ext.lga1.isc.org192.228.91.19ns-ext.lga1.isc.org192.228.91.0/24
Internet Systems Consortium, Inc., New York, NY, USAAS27319 ISC LGA1
Internet Systems Consortium, Inc , New York, NY, US
ns-ext.sth1.isc.org192.228.89.19ns-ext.sth1.isc.org192.228.89.0/24
Internet Systems Consortium, Inc.AS8674 NETNOD IX Netnod Internet
Exchange Sverige AB (former D GIX) $Id: aut num:AS8674,v 1 12 2008/07/01
12:56:12 liman Exp $
mxmail.dns-oarc.net149.20.58.4mail.dns-oarc.net149.20.0.0/16 AS1280
project netblockAS1280 ISC AS1280 Internet Systems Consortium, Inc
org isc.org net nrt1.isc.org oarc.isc.org sth1.isc.org lga1.isc.org
--------------------------------------

NOW, IDIOT SPAMMER, I gave you a pass on reporting you since it appeared
you might not know what you're doing. But from just 3 minutes worth of
research I can see you not only know what you're doing is spamming, but
you are still spamming even though you're dropped by at one list and
have been noted at around 8 other lists. SORBS may have "dropped" you
but rest assured it won't take a lot to put you back on their list.

If I come across you again on ANY group, forum or other means, rest
assured I will not hassle you, but I WILL report you for spamming, and
I'll resurrect the discussions at nanae for you using your own tripe as
proof!
So either get your ass out of here or be prepared to start looking
for other resources again. It looks like discussions at nanae would be
pretty easy to reopen; it's only been a short period of time.
Don't address me again: I only give one warning.

HTH (you provide the word for the last H)


Kayman
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 08:19 AM
On Mon, 28 Jul 2008 19:14:07 -0600, Lon wrote:

<snip>
> I'd also beware of self appointed security experts who do not recognize
> the site www.dns-oarc.net.
Hey Lon, while we're having so much fun, here is another DNS checker
http://www.doxpara.com/
(a good tool to double-check the results obtained from
https://www.dns-oarc.net/oarc/services/dnsentropy )
:-)
Newell White
Guest
Posts: n/a
 
Re: DNS Randomness Test
Posted: 07-29-2008, 09:41 AM

"FromTheRafters" wrote:

>
> But how do we know that clicking that link will actually
> resolve to that (considering the topic) legitimate site? :O)
>
> URL's are not dangerous, however the software you run to
> access them may well be.
>
>
Those of us who have reached the age of discretion right click on the link,
then copy and paste into our browser's address bar.

We get lots of practice at this because our incoming e-mails are shown in
plain text format.

We are suspicious old farts who plan on living a long time.
--
Regards,
Newell White

 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to test file-filter-driver in Driver Test Manager(DTM)? Cui Wei Windows Vista Hardware & Devices 0 12-18-2006 03:02 AM
only test- solo test Zack Whittaker \(R2 Mentor\) Windows Vista Hardware & Devices 2 03-05-2006 08:40 PM
only test- solo test Man-wai Chang Windows XP Configuration & Management 2 03-05-2006 04:45 PM
Test Page fail to Print error when printing a test page to a network printer Cindy fisher Windows XP Printers / Scanners / Fax 0 02-06-2004 03:13 PM
Randomness afforded by Shuffle Play in Media Player Route 9w Windows XP Music 1 11-19-2003 05:32 PM