DNS on a non standard port


Gerald

Dec 17, 2009, 12:02:08 AM12/17/09
to public-dns-discuss
I have been using DNS servers from the "German Privacy Foundation"
http://www.privacyfoundation.de/service/serveruebersicht/

For 2 reasons:

1. Their servers will respond to DNS queries on port 110
2. The local ISP is redirecting outgoing traffic on port 53 to their
own "faulty" server.

Since I can't fix the ISP's server (their caching is wrong) I need a
way to send my queries out to working servers.

It would be nice if I had the option to query the Google servers.

Gerald

itsimpel

Dec 18, 2009, 4:05:14 AM12/18/09
to public-dns-discuss
I think this would be a simple and nice addition to the service, and
would not conflict with standards since it only adds functionality.
I'd suggest taking an unused port (so not 110, which should be used
for POP3) but something like 5353.

Nicholas Weaver

Dec 18, 2009, 11:25:53 AM12/18/09
to public-dns-discuss
If you think this is occurring on your own network, one of the tests on
the ICSI Netalyzr ( http://netalyzr.icsi.berkeley.edu/ ) checks for
this, as the applet performs a direct UDP DNS request to our server
that proxies would modify or block, and whose reply, even if successful,
will say if there is a proxy or similar involved.

We in particular are interested in any network which does this.


Technical details on that test:
The applet does a UDP query for
"entropy.{garbage}.netalyzr.icsi.berkeley.edu", but it is sent directly
to the back-end system rather than the DNS resolver.

It knows what transaction ID etc were used, AND what host it should
come from, so if it gets a reply which suggests a different IP or
transaction ID, it detects that the network reinterpreted the DNS,
redirecting the request through the ISP's server.

If it gets no answer at all, it knows that DNS is blocked.

Note that sometimes software firewalls, e.g., the Mac firewall
sometimes, will interfere with this test by blocking ALL UDP that Java
tries to send, so the test will not run if it can't send UDP to an
effectively arbitrary port (port 1947) on our server first.

This test does not require trusting the applet, so if you refuse our
signature, it should still work.
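As an added example (not Netalyzr's code and not posted by anyone in this thread), here is a small Python client that performs the client-side checks Nicholas describes: it sends a DNS query over UDP straight to a server you control rather than to the configured resolver, then compares the reply's source address and transaction ID with what was sent, and treats silence as blocking. The `entropy-` label format, the `zone` argument and the server IP are assumptions, and the reply payloads used in the test are constructed.

```python
import secrets
import socket
import struct


def build_query(txid: int, qname: str) -> bytes:
    """Minimal DNS query: 12-byte header (RD set, one question), QNAME, QTYPE A, QCLASS IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(label)]) + label.encode("ascii")
                      for label in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)


def classify_reply(expected_txid: int, expected_server: str, reply) -> str:
    """reply is None (timeout) or the (payload, (src_ip, src_port)) tuple from recvfrom()."""
    if reply is None:
        return "blocked"          # no UDP answer at all: direct port-53 traffic is dropped
    payload, (src_ip, src_port) = reply
    if len(payload) < 12:
        return "malformed"
    txid, flags = struct.unpack("!HH", payload[:4])
    if not flags & 0x8000:
        return "malformed"        # QR bit clear: this is not a DNS response
    if (src_ip, src_port) != (expected_server, 53) or txid != expected_txid:
        return "intercepted"      # answered by something other than the server we asked
    return "direct"


def probe(server_ip: str, zone: str, timeout: float = 3.0) -> str:
    """Send one query directly to server_ip and classify what comes back (assumed API)."""
    txid = secrets.randbelow(65536)
    # Fresh random label, as in the post's "entropy.{garbage}" name, so no cache can answer it.
    qname = f"entropy-{secrets.token_hex(4)}.{zone}"
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(txid, qname), (server_ip, 53))
        try:
            reply = sock.recvfrom(512)
        except socket.timeout:
            reply = None
    finally:
        sock.close()
    return classify_reply(txid, server_ip, reply)
```

A middlebox that rewrites the reply's source back to the original destination passes the address check, which is why the post relies on a back-end it controls to report what it actually saw; this example covers only the client-side comparison.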
