
discuss - Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Lennart Seitz <mail AT lseitz.de>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK
  • Date: Thu, 2 Sep 2021 03:00:37 +0200

On 02.09.2021 02:53, Lennart Seitz wrote:
> On 02.09.2021 02:46, Se7en wrote:
>> # First run before changing DNS back (on Quad9 with DNSSEC)
>> $ dig duckduckgo.com @185.121.177.177 +short
>> 157.240.7.34
>>
>> # Second run after changing DNS back
>>
>> $ dig duckduckgo.com @185.121.177.177 +short
>> 69.171.246.9
>>
>>
>>
>> After switchback, duckduckgo is no longer MITM but is completely
>> unreachable.
>>
>> Switch back to Quad9 (temporary) with DNSSEC
>>
>> $ dig duckduckgo.com @185.121.177.177 +short
>> 103.39.76.66
>>
>>
>> These tests were performed as I was drafting this email just now.
>>
> Something certainly is odd here: the "@" part of dig defines the used
> server. So you don't need to "change back" anything. If you put
>
> dig duckduckgo.com @185.121.177.177 +short
>
> in your CLI, it will always query at 185.121.177.177, so it should
> always give you the same results (let's keep dns-roundrobin out for now,
> the 69.171.246.9 is certainly wrong)
>
> It seems like something on your system is locally redirecting queries.

Please check what

dig duckduckgo.com @185.121.177.177

gives you as output; it should tell you the used server.

;; Query time: 40 msec
;; SERVER: 185.121.177.177#53(185.121.177.177)
;; WHEN: Do Sep 02 02:59:48 CEST 2021

--
Kind regards,
Lennart Seitz
PGP key: 0x187abd76a5660379 (https://pgp.lseitz.de/key.asc)
--
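The check requested in the message above can be scripted. This is an added example, not part of the original email: it reads dig output and compares the address in the `;; SERVER:` footer with the resolver that was asked. The function names `dig_server_addr` and `check_dig_server` are hypothetical, and the sample with 192.0.2.53 (a documentation address) is constructed.

```shell
#!/bin/sh
# Added example: compare dig's ";; SERVER:" footer with the resolver queried.

# Print the address from the ";; SERVER: addr#port(name)" footer of dig
# output read on stdin. Prints nothing if the footer is absent, which is
# the case when dig was run with +short.
dig_server_addr() {
    sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p' | head -n 1
}

# Usage: dig ... | check_dig_server EXPECTED_ADDR
# Returns 0 on match, 1 on mismatch, 2 when there is no SERVER line.
check_dig_server() {
    expected=$1
    actual=$(dig_server_addr)
    if [ -z "$actual" ]; then
        echo "no SERVER line in input (was +short used?)" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "MISMATCH: asked $expected, dig reports $actual" >&2
        return 1
    fi
    echo "ok: answered via $actual"
}

# Footer lines as quoted in the message.
SAMPLE_FULL=';; Query time: 40 msec
;; SERVER: 185.121.177.177#53(185.121.177.177)
;; WHEN: Do Sep 02 02:59:48 CEST 2021'

# What +short prints: answers only, no footer.
SAMPLE_SHORT='157.240.7.34'

# Constructed: footer naming a different resolver, in the newer dig
# format that appends the transport.
SAMPLE_OTHER=';; SERVER: 192.0.2.53#53(192.0.2.53) (UDP)'

# Live use (needs network access):
#   dig duckduckgo.com @185.121.177.177 | check_dig_server 185.121.177.177
```

A matching footer only shows the address dig sent the query to. A NAT rule that transparently redirects port 53 rewrites the reply source as well, so the footer can still show the requested address while another resolver answers.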



