[PLUG] Internet access certificate issues
Mike C.
mconnors1 at gmail.com
Sun Sep 17 19:46:07 UTC 2017
On 9/17/17 12:17 PM, Mike C. wrote:
> DNS poisoning initially occurs at the DNS server. An untrusted fake name
> record is introduced and then is cached in the DNS server and served to
> any unwitting entity that makes a DNS A record lookup for a hostname/fqdn
Realized that maybe a bit more clarity is useful to people who don't
know the ins & outs of DNS. Specifically, this would occur on Comcast's
DNS. Which is why DNSSEC dns protocol extensions were created. If this
had occurred, I'd think that Comcast or at least the Internet would've
known about it.
Also, SSL web browsing is a bit of different beast. Next time try to
browse to a non-SSL web site. They're harder to find these days, but I
just found one!!! You're friendly and helpful pdxlinux.org.
That would tell me the problem is more likely ssl web browsing than DNS
and the airRouter is the most likely culprit.
Another fun party troubleshooting trick you could if this happens again
is try to telnet to port 443 of a known good address. In this case, I'd
ping a smaller web site's FQDN and keep the ip addr on file for testing
to. Might be harder to do these days as any web sites employing SSL is
probably not small and sitting behind a CDN and the ip addr is subject
to change.
More information about the PLUG
mailing list