Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.
'ipconfig /displaydns' display over 200 DNS unrecognized, should we worry
We are having a problem with a connection and came upon recommended task where we were instructed to run the line "ipconfig /displaydns". This displayed a series of sites unrecognized to us.
The result showed over 200 DNS and with the list actual sites and IPs. The sites are in line "Record Name . . . . . :" and "CNAME Record . . . . : ", the IPs are in line "A (Host) Record . . . :".
For example:
and
So we wanted to know,
The result showed over 200 DNS and with the list actual sites and IPs. The sites are in line "Record Name . . . . . :" and "CNAME Record . . . . : ", the IPs are in line "A (Host) Record . . . :".
For example:
in.greta.io
----------------------------------------
Record Name . . . . . : in.greta.io
Record Type . . . . . : 1
Time To Live . . . . : 41482
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 35.186.212.13
and
p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
----------------------------------------
Record Name . . . . . : p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
Record Type . . . . . : 1
Time To Live . . . . : 79151
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 216.239.32.62
So we wanted to know,
- what is causing this?
- should we worry?
- what should we do?
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Well all this is revealing what the websites are pulling from in the background. Web pages apps, and Windows are all making calls to different resources over the Internet. The DNS lookups are all cached on your computer.
As an example, this Experts Exchange page here is pulling from the following domains when looking at the stats in my browser:
www.experts-exchange.com
cdn.experts-exchange.com
expertsexchange.112.2o7.ne
filedb.experts-exchange.co
And I'm using uBlock Origin so this is going to be greatly reduced.
As an example, this Experts Exchange page here is pulling from the following domains when looking at the stats in my browser:
www.experts-exchange.com
cdn.experts-exchange.com
expertsexchange.112.2o7.ne
filedb.experts-exchange.co
And I'm using uBlock Origin so this is going to be greatly reduced.
Even during the most simple browsing session, your browser fires away countless of cloud based services (be it Google, ad services or content delivery networks). In your case, those are still normal requests you make on a more busy website (news outlet or such).
Understood and gives a relief.
However, if we were check them out, recommended steps you guys recommend?
However, if we were check them out, recommended steps you guys recommend?
Would require extreme knowledge of all hosts. I know in.greta.io is checking for CDN, while gstatic is Google owned. For you to do that, takes you a lot of time to find out, making it a 24/7 job to keep up with all the hostnames used every day.
You could use some algorithm to lessen the load as times go by (slowly whitelisting the known ones), but still requires a lot of time.
You could use some algorithm to lessen the load as times go by (slowly whitelisting the known ones), but still requires a lot of time.
Ok, prior closing the question, can you suggest some of "bit more research"? (just a little to direct us the right way)
It depends on what kind of research you want to do. If you are just concerned about browser activity then something like Privacy Badger (from the EFF https://www.eff.org/privacybadger) or uBlock Origin can do logging and blocking and show you a lot of resources that are being pulled from. You can also hit F12 when in your browser and you can explore all the elements.
More in depth would be to use wireshark on your computer and filter by DNS...
But if you're looking for general security knowledge then I have to say that the landscape is always changing. Following blogs or podcasts is how I keep up with it.... as best I can.
More in depth would be to use wireshark on your computer and filter by DNS...
But if you're looking for general security knowledge then I have to say that the landscape is always changing. Following blogs or podcasts is how I keep up with it.... as best I can.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial