Windows 10: Can sysinternals whois deliver malicious results (e.g. DNS cache poisoning)?

Can a whois command return malicious results? e.g. DNS cache poisoning

Why does it get stuck in an endless loop sometimes?

tl;dr

With quite a few domains (usually ones with private registration) the whois utility of Windows sysinternals gets stuck in an endless loop.

e.g. whois [alwaysablezard.com]()

In the case of [sixthseal.com]() the output contained references to .aspx files which seemed really strange. After that I ran Tor Broswer with Safest Advanced Security Settings and javascript completely disabled and navigated to that site but it redirected to a phishing site (something like [tcrproject.org]()) and tried to entice me to download Tor Browser 9.5)

As a precaution I did a complete system re-image from a Clonezilla backup I had just taken an hour earlier.

submitted by /u/leastsignificantbyte
[link] [comments]

:)

 

Windows 10 DNS caching problem

After some time of messing around with the two windows 10 machines I have, one a laptop, the other a surface pro 4, I've consistently hit the DNS resolution issues that many other people have reported.

Basically what happens is DNS resolution stops functioning for a period of time, however previously cached domains still resolve. A simple and effective solution to this is to just flush dns cache with ipconfig /flushdns command. More frustrating is that
it appears when DNS resolution fails, nxdomain is cached as well (which may actually be a significant part of the problem).

Microsoft network engineering should take a good look at how the resolver cache is handled, as it appears that some failure which results in DNS resolution failure will end up with a cached nxdomain (which should never happen). The fact that a simple dns
flush fixes the problem instantly strongly suggests that there is a bug in this part of the code which needs closer examination.

 

DNS server causing problem

Hi Andrea,

DNS is a server that translates websites' addresses so that browsers can connect to them. If the addresses become outdated or the server has issues, problems and DNS errors occur. For us to provide an accurate solution, we would need you to answer the following
questions:

• Which build, version and edition of Windows is installed on your computer?
• What changes have you made to your device before this issue occurred?
• Are you experiencing the same issue regardless if you are trying to be connected to a wired or wireless connection?

For initial troubleshooting, we suggest deleting the DNS cache. This can refresh the DNS files and settings on your PC. Follow these steps to delete the DNS cache:

• Using Search type Command Prompt.
• Form the search results, right click on Command Prompt (Desktop app) and then choose Run as administrator.
• In the Command Prompt window, type ipconfig /flushdns and then hit the Enter key.
• Once done, restart your computer and then check if the same issue persists.

We are looking forward to your response.

 

DNS lookup failed after windows 10 upgrade

Hi Jonny,

Thank you for posting on Microsoft Communities.

I will be glad to help you with the issue you have with the computer. I understand the frustration when things don't work the way it should.

I would suggest you to clear the DNS cache and see if that fixes the issue. Clearing the DNS cache forces DNS to query a DNS server rather than using information stored in the cache.

Follow these steps:

a. In the search box, type "command prompt."

b. In the list of results, right-click Command Prompt, and then click Run as administrator. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

c. At the command prompt, type
ipconfig /flushdns

d. Then type ipconfig /registerdns and press
Enter

Please reply with the results, I will be glad to help you further.

Thank you.