Hello.
One question: I have Mint 13 installed for months, running fine.But yesterday I was connected to my faculty's wireless network. Then I come home, turn off WiFi adapter and used wired connection (no WiFi at home). But I was unable to load web page or receive my mail. Wireshark showed that after I enter URL, first DNS query was entered URL, but then URL+faculty domain [example: http://www.linuxmint.com.education.edu]. I fixed the problem with dns-fix, but didn't solve e-mail problem completely.
I didn't use firewall but I also don't have any open-to-world service running. I did update the day before yesterday (so fully patched, no known vulnerabilities). I will just install Mint 14. My question is: What do you think is reason for that change/behavior?
Strange DNS problem
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
-
klagenfurt
Strange DNS problem
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
-
klagenfurt
Re: Strange DNS problem
Bump
I'm running Mint 14 now.Anyway I would like to know, what had happened that I was unable to use web/mail. When I was trying to visit website, there was only DNS packet traffic with destination IP from my faculty domain.
Is this a known issue or I was somehow hacked?
I'm running Mint 14 now.Anyway I would like to know, what had happened that I was unable to use web/mail. When I was trying to visit website, there was only DNS packet traffic with destination IP from my faculty domain.
Is this a known issue or I was somehow hacked?
-
klagenfurt
Re: Strange DNS problem
For those who have Mint 13: What version of Samba do you have [command: smbd -V ]? On distro release (Mint 13 x64 is 3.6.3 but is it updated with Update Manager?)
-
klagenfurt
Re: Strange DNS problem
@admin: Can you move my topic to networking forum please.
UPDATE: So what happened is that my dns setting was somehow changed ... when I wanted to visit a web site at home, only dns traffic was recorded with dns destination of DNS servers which I get when I'm connected on faculty's WiFi (except requested sites, there was also daisy.ubuntu.com dns traffic). I don't know how is that possible.
Also is updated Mint 13 vulnerable on CVE-2012-1182? I think I accidently disable firewall, but had Samba running (I didn't need it, but it was enabled by default).
UPDATE II: Maybe problem laid here:
When I'm on faculty network web browsing works slow (esp. on https) from time-to-time. But at the day of incident, web browsing run fast as hell (even https). I don't know why configuration (probably) changed at that day and never before? It also survived multiple reboots at home.
Thanks
UPDATE: So what happened is that my dns setting was somehow changed ... when I wanted to visit a web site at home, only dns traffic was recorded with dns destination of DNS servers which I get when I'm connected on faculty's WiFi (except requested sites, there was also daisy.ubuntu.com dns traffic). I don't know how is that possible.
Also is updated Mint 13 vulnerable on CVE-2012-1182? I think I accidently disable firewall, but had Samba running (I didn't need it, but it was enabled by default).
UPDATE II: Maybe problem laid here:
Code: Select all
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN Thanks
Re: Strange DNS problem
Moved as per OP's request. I'm not sure what could be the cause of this, hopefully somebody else can pitch in on this.
