On Wed, Nov 18, 2009 at 11:21:41PM +0100, Robert wrote:
> On Wed, 18 Nov 2009 15:06:28 -0500
> stan <st...@panix.com> wrote:
>
> > Can anyone xplain this behavior to me?
> >
> > Given the following resolv.conf file:
> >
> > r...@pm3fw:root# cat /etc/resolv.conf
> > lookup file bind
> > search mcn.chs kapstonepaper.com pm3.charleston.meadwestvaco.com
> > nameserver 127.0.0.1
> > nameserver 10.209.128.20
> > nameserver 10.209.128.26
> > nameserver 10.209.142.158
> >
> > And:
> >
> > r...@pm3fw:root# nslookup
> > > cvsup
> > Server: 127.0.0.1
> > Address: 127.0.0.1#53
> >
> > Non-authoritative answer:
> > Name: cvsup.mcn.chs
> > Address: 10.209.142.151
> > > 10.209.142.151
> > Server: 127.0.0.1
> > Address: 127.0.0.1#53
> >
> > 151.142.209.10.in-addr.arpa name = cvsup.meadwestvaco.com.
> > > exit
> >
> > Why does this happen ? And how?
> >
> > r...@pm3fw:root# nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389
> > cvsup
> >
> > Starting Nmap 4.76 ( http://nmap.org ) at 2009-11-18 15:05 EST
> > Initiating Ping Scan at 15:05
> > Scanning 10.209.142.151 [8 ports]
> > Completed Ping Scan at 15:05, 0.20s elapsed (1 total hosts)
> > Initiating Parallel DNS resolution of 1 host. at 15:05
> > Completed Parallel DNS resolution of 1 host. at 15:05, 0.00s elapsed
> > Initiating SYN Stealth Scan at 15:05
> > Scanning cvsup.meadwestvaco.com (10.209.142.151) [1000 ports]
> >
> > Is nmap not using the resolver libraries?
> >
> >
>
> Your dns at 127.0.0.1 does not resolve 151.142.209.10.in-addr.arpa?
> 127.0.0.1:53 allows recursiv querys so it looks elsewhere and serves
> the "real" hostname?
OK here are the servers that the local nameserver recurses to:
forwarders {
10.209.142.158;
10.209.144.150;
10.209.142.154;
};
And if I use nslookup and set it to each of them in turn, i still get the
mcn.chs name:
s...@pm3fw:stan$ nslookup
> cvsup
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: cvsup.mcn.chs
Address: 10.209.142.151
> 10.209.142.151
Server: 127.0.0.1
Address: 127.0.0.1#53
151.142.209.10.in-addr.arpa name = cvsup.meadwestvaco.com.
> server 10.209.142.158
Default server: 10.209.142.158
Address: 10.209.142.158#53
> cvsup
Server: 10.209.142.158
Address: 10.209.142.158#53
Non-authoritative answer:
Name: cvsup.mcn.chs
Address: 10.209.142.151
> server 10.209.144.150
Default server: 10.209.144.150
Address: 10.209.144.150#53
> cvsup
Server: 10.209.144.150
Address: 10.209.144.150#53
Non-authoritative answer:
Name: cvsup.mcn.chs
Address: 10.209.142.151
> server 10.209.142.154
Default server: 10.209.142.154
Address: 10.209.142.154#53
> cvsup
Server: 10.209.142.154
Address: 10.209.142.154#53
Non-authoritative answer:
Name: cvsup.mcn.chs
Address: 10.209.142.151
Of course, I do see the "Non-authoritative answer:" clause in each of
these. Would that mean that a program could request an authoritative
answer? If so, how?
--
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
