Wireshark-bugs: [Wireshark-bugs] [Bug 12412] New: Network-Layer Name Resolution first attempts u
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Sun, 08 May 2016 23:21:13 +0000
Bug ID 12412
Summary Network-Layer Name Resolution first attempts undocumented not configurable no-rDNS IP 32.1.4.112
Product Wireshark
Version 1.12.11
Hardware x86
OS Windows 7
Status UNCONFIRMED
Severity Major
Priority Low
Component Qt UI
Assignee bugzilla-admin@wireshark.org
Reporter starlight@binnacle.cx 

Build Information:
Version 1.12.11 (v1.12.11-0-gc74c83c from master-1.12)

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.2.15, with Gcrypt 1.6.2,
without Kerberos, with GeoIP, with PortAudio V19-devel (built Apr 22 2016),
with
AirPcap.

Running on 64-bit Windows Server 2008 Service Pack 2, build 6002, with WinPcap
version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0
branch 1_0_rel0b (20091008), GnuTLS 3.2.15, Gcrypt 1.6.2, without AirPcap.
Intel(R) Core(TM) i7 CPU         920  @ 2.67GHz, with 6133MB of physical
memory.

Built using Microsoft Visual C++ 10.0 build 40219
--
When resolving reverse-DNS for IP addresses Wireshark first sends requests to
IP 32.1.4.112 and then falls-back to using locally configured DNS.

This is not documented anywhere.

This cannot be configured.

The reverse-DNS for 32.1.4.112 is not set and so we have no idea who is getting
our information.  Robetex offers no clues.

For now 

   access-list forward-inside extended deny ip any host 32.1.4.112

fixes the problem but nonetheless this behavior is objectionable.

You are receiving this mail because:
  • You are watching all bug changes.