-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: What's the most interesting small town you've visited in South Africa?
DNS vulnerability issue
- Thread starter vodacom3g
- Start date
-
- Tags
- dns vulnerability
Cape Town, internet APN, PPDB:
AirWolf
Honorary Master
Port Shepstone; internet APN; PPDB
After clicking on the "Check my DNS" button, the info box says:
Opera: Blank
Firefox: Connection Interrupted.
Internet Explorer: Internet Explorer cannot display the webpage
After clicking on the "Check my DNS" button, the info box says:
Opera: Blank
Firefox: Connection Interrupted.
Internet Explorer: Internet Explorer cannot display the webpage
JAV
Well-Known Member
Benoni / Kempton Park: internet APN:
Your name server, at 84.22.100.9, appears vulnerable to DNS Cache Poisoning.
All requests came from the following source port: 53
Do not be concerned at this time. IT administrators have only recently been apprised of this issue, and should have some time to safely evaluate and deploy a fix.Requests seen for 104b3c71defd.toorrr.com:
84.22.100.9:53 TXID=17049
84.22.100.9:53 TXID=34350
84.22.100.9:53 TXID=17175
84.22.100.9:53 TXID=42249
84.22.100.9:53 TXID=5086
Your name server, at 84.22.100.9, appears vulnerable to DNS Cache Poisoning.
All requests came from the following source port: 53
Do not be concerned at this time. IT administrators have only recently been apprised of this issue, and should have some time to safely evaluate and deploy a fix.Requests seen for 104b3c71defd.toorrr.com:
84.22.100.9:53 TXID=17049
84.22.100.9:53 TXID=34350
84.22.100.9:53 TXID=17175
84.22.100.9:53 TXID=42249
84.22.100.9:53 TXID=5086
vodacom3g
Vodacom Representative
gregmcc
Honorary Master
84.22.100.9 is owned by CB3ROB Data Services. Not sure why you using this?
JAV
Well-Known Member
Could've been, come to think of it... Honestly can't remember
Was playing around with Public Root DNS servers a while back. Can't recall if I ever changed the settings back to what they were...
Apparently I never did
/bows head in shame..
FF
Last edited:
Retest & post the results after changing back to the automatically assigned DNS settings from Vodacom...Could've been, come to think of it... Honestly can't remember
Was playing around with Public Root DNS servers a while back. Can't recall if I ever changed the settings back to what they were...
Apparently I never did
/bows head in shame..
FF
JAV
Well-Known Member
rabbiddog
Expert Member
Randpark Ridge : internet apn
Your name server, at 196.43.38.190, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for d5d69b7220e3.toorrr.com:
196.43.38.190:38929 TXID=51774
196.43.38.190:40709 TXID=21330
196.43.38.190:13520 TXID=22581
196.43.38.190:64809 TXID=55010
196.43.38.190:1397 TXID=63249
Your name server, at 196.43.38.190, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for d5d69b7220e3.toorrr.com:
196.43.38.190:38929 TXID=51774
196.43.38.190:40709 TXID=21330
196.43.38.190:13520 TXID=22581
196.43.38.190:64809 TXID=55010
196.43.38.190:1397 TXID=63249
vodacom3g
Vodacom Representative
WE did apply the patch the same ay it became available but I just wanted to make 100% sure we did not miss something.
So far, so good, it seems.
PS. I guess VC should have put out a press-release stating that IS's servers were not secure for the few hours it took them to apply the patch. And that Vodacom is very concerned about IS's unsecured services
So far, so good, it seems.
PS. I guess VC should have put out a press-release stating that IS's servers were not secure for the few hours it took them to apply the patch. And that Vodacom is very concerned about IS's unsecured services
Mier
Expert Member
PS. I guess VC should have put out a press-release stating that IS's servers were not secure for the few hours it took them to apply the patch. And that Vodacom is very concerned about IS's unsecured services
PS. I guess VC should have put out a press-release stating that IS's servers were not secure for the few hours it took them to apply the patch. And that Vodacom is very concerned about IS's unsecured services
LOL
JAV
Well-Known Member
Here we go - again
Benoni / Kempton Park: internet APN:
Your name server, at 196.207.32.83, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for 9789a88cde23.toorrr.com:
196.207.32.83:59649 TXID=5576
196.207.32.83:59664 TXID=21823
196.207.32.83:59698 TXID=61711
196.207.32.83:59794 TXID=57338
196.207.32.83:59633 TXID=19577
Benoni / Kempton Park: internet APN:
Your name server, at 196.207.32.83, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for 9789a88cde23.toorrr.com:
196.207.32.83:59649 TXID=5576
196.207.32.83:59664 TXID=21823
196.207.32.83:59698 TXID=61711
196.207.32.83:59794 TXID=57338
196.207.32.83:59633 TXID=19577
chiskop
Executive Member
Kensinton internet apn:
Your name server, at 196.207.32.83, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for 40f1e394616e.toorrr.com:
196.207.32.83:59628 TXID=50687
196.207.32.83:59634 TXID=60248
196.207.32.83:59851 TXID=9801
196.207.32.83:59822 TXID=7390
196.207.32.83:59818 TXID=28094
Your name server, at 196.207.32.83, appears to be safe, but make sure the ports listed below aren't following an obvious pattern.Requests seen for 40f1e394616e.toorrr.com:
196.207.32.83:59628 TXID=50687
196.207.32.83:59634 TXID=60248
196.207.32.83:59851 TXID=9801
196.207.32.83:59822 TXID=7390
196.207.32.83:59818 TXID=28094
kronoSX
Honorary Master
Appears to be safe
apn:internet on PPDB
apn:internet on PPDB
Cape Town (Parow), InternetVPN, PPDB
DoxPara DNS Check Results: (No clue what it means though)
Your name server, at 196.207.40.167, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 221.
Please talk to your firewall or gateway vendor -- all are working on patches, mitigations, and workarounds.
Requests seen for 271aee723888.toorrr.com:
196.207.40.167:61534 TXID=435
196.207.40.167:61380 TXID=8671
196.207.40.167:61491 TXID=6882
196.207.40.167:61341 TXID=52739
196.207.40.167:61562 TXID=51889
DoxPara DNS Check Results: (No clue what it means though)
Your name server, at 196.207.40.167, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 221.
Please talk to your firewall or gateway vendor -- all are working on patches, mitigations, and workarounds.
Requests seen for 271aee723888.toorrr.com:
196.207.40.167:61534 TXID=435
196.207.40.167:61380 TXID=8671
196.207.40.167:61491 TXID=6882
196.207.40.167:61341 TXID=52739
196.207.40.167:61562 TXID=51889