Re: NetReg: CommonName

New Message Reply Date view Thread view Subject view Author view Attachment view

From: Peter Valian (valianp@southwestern.edu)
Date: Thu Aug 29 2002 - 12:10:39 CDT


I would recommend not allowing users to use off-campus DNS, IMHO.
It's port 53...tcp and udp.

We do not allow it and have not allowed it for serveral years. Have
never had a complaint. If a user asks if they can use an off-campus DNS
server, I'd be suspicious.

Sometimes we become authoritative for domains we'd rather not have
students go to (i.e. napster.com)...those were the days before good
bandwidth management tools. That effectively broke any clients trying
to connect to whatever.napster.com.

-p

-- 
Peter Valian
Network & Systems Administrator
Southwestern University
Georgetown, Texas
512.863.1586 office
512.863.1605 fax
--

King, Michael wrote: > Fellow NetReg users, I've discovered a problem that might possible affect > us. > > I will attach an email I gathered from another list at the end. > > > CommonName is a program that is installed on a clients computer via common > filesharing applications. (Kazaa, Morpehous). Also, all new HP's Laptops > and Compaq's have been reported shipping with this program. > > Whenever a DNS request via the web browser occurs, instead of querying the > DNS server specified in the Network settings, it contacts the DNS server at > www.commonname.com/find2.asp and gets that IP address from there. I imagine > this allows them to force popups, track statistics, and other marking > information that they can sell for a profit. > > How does this affect us? If the web browser is trying to reach a website, > instead of using our "DNS trap", it's trying to us an Off campus DNS server. > Since my Unregistered users cannot reach this server (Firewalled IP range), > they cannot register till the program is removed from there computer. > > > ------------------------------------------------- > Attached EMAIL > ------------------------------------------------- > > Since we have spent some time tracking down and trying to resolve some > our problems with CommonName I thought I would share what we have > learned with everyone. > > Symptoms: > Users are unable to log into on campus web based services from their > personal computer. They also have problems posting information to any > form that is on any EDU website. > Users are unable to connect to on campus URL's that have both upper and > lower case characters. > > The CommonName program is a package that is installed as a part of Imesh > and some other File/Music sharing applications. When installing Imesh > CommonName will automatically be installed and the user doesn't usually > realize it. > > After the installation of CommonName, when the user connects to ANY .edu > or .mil web site it first makes a connection to > http://www.commonname.com/find2.asp to do some type of lookup. This > means that any form input is first sent to CommonName and actually never > gets sent back to the server the user is trying to connect to. The > current version also has a problem in that Case Sensitive URL's are > simply broke and the user gets nothing. > > We first noticed that we had a problem because several users were having > problems connecting to some of the links on our homepage. We had > narrowed this down to a Case Sensitive problem but it wasn't until > students started having problems logging into our campus Portal that we > actually found out that CommonName was the problem. > > Possible Solution: > What we have done as a temporary solution is created a local DNS zone > for commonname.com and pointed www.commonname.com to one of our on > campus web servers. We then created a page find2.asp on this server. > If a user installs CommonName on purpose or accidentally then when they > try to connect to any .edu or .mil site they will be redirected to our > find2.asp which tells them how to uninstall this software. Here is our > link (http://data.radford.edu/find2.asp) > > I have notified CommonName of the problem and they have fixed the > CaseSensitive issue in a new beta and are working on the form posting > problem. Even if they fix their problems it still sounds like a major > security problem to have any form input sent to their server when > someone types in a username and password to log into an on campus > service. > > -------------------------------------------------------- > Ed Oakes Phone: (540) 831-6233 > Radford University Fax: (540) 831-5555 > Academic Computing Email: eoakes@radford.edu > > http://www.radford.edu/~acadcomp > > ___________________________________________________ > You are subscribed to the ResNet-L mailing list. > > To subscribe, unsubscribe or search the archives, > go to http://LISTSERV.ND.EDU/archives/resnet-l.html > ___________________________________________________ > ********************************************************************** > To unsubscribe from this list, send an e-mail message to > majordomo@southwestern.edu containing a single line with the words: > unsubscribe netreg > Send requests for assistance to: owner-netreg@southwestern.edu > **********************************************************************

********************************************************************** To unsubscribe from this list, send an e-mail message to majordomo@southwestern.edu containing a single line with the words: unsubscribe netreg Send requests for assistance to: owner-netreg@southwestern.edu **********************************************************************


New Message Reply Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:37 CDT