dns interceptors

Bill Thompson Billt at Mahagonny.com
Fri Feb 12 18:52:28 CST 2010


On Fri, 12 Feb 2010 17:32:33 -0500
Jared Mauch <jared at puck.nether.net> wrote:

> 
> On Feb 12, 2010, at 5:15 PM, Randy Bush wrote:
> 
> > i just lost ten minutes debugging what i thought was a server
> > problem which turned out to be a dns trapper on the wireless in the
> > changi sats lounge.  this is not the first time i have been caught
> > by this.
> > 
> > what are other roaming folk doing about this?
> > 
> > randy
> 
> I typically VPN out of broken networks whenever possible.
> 
> Operate a VPN/PPTP/IPSEC/squid-proxy/ssh on tcp/80/443 to work around
> the issues.
> 
> - Jared
> 

Yep, this is what I do as well. It's a little disappointing that you
have to tunnel into a trusted network in order to prevent shenanigans
like that, but it seems to be the way things are.

-- 
Bill Thompson
BillT at Mahagonny.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100212/90e55459/attachment.bin>


More information about the NANOG mailing list