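When I logged in to my Microsoft account today, I kept getting CONNECT_REFUSED. After some troubleshooting I found that DNS had been poisoned.
The DNS servers assigned locally by China Telecom are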
202.103.44.150
202.103.24.68
Querying with dig, both return the hijacked IP address
; <<>> DiG 9.16.1-Ubuntu <<>> @202.103.44.150 login.live.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56397
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;login.live.com. IN A
;; ANSWER SECTION:
login.live.com. 300 IN A 223.75.236.241
;; Query time: 0 msec
;; SERVER: 202.103.44.150#53(202.103.44.150)
;; WHEN: Wed Aug 25 15:48:41 CST 2021
;; MSG SIZE rcvd: 48
; <<>> DiG 9.16.1-Ubuntu <<>> @202.103.24.68 login.live.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2138
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;login.live.com. IN A
;; ANSWER SECTION:
login.live.com. 300 IN A 223.75.236.241
;; Query time: 0 msec
;; SERVER: 202.103.24.68#53(202.103.24.68)
;; WHEN: Wed Aug 25 15:48:58 CST 2021
;; MSG SIZE rcvd: 48
Visiting that IP directly gives
As of today, queries have returned to normal
; <<>> DiG 9.16.1-Ubuntu <<>> @202.103.44.150 login.live.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49929
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 9, ADDITIONAL: 0
;; QUESTION SECTION:
;login.live.com. IN A
;; ANSWER SECTION:
login.live.com. 600 IN CNAME login.msa.msidentity.com.
login.msa.msidentity.com. 600 IN CNAME www.tm.lg.prod.aadmsa.akadns.net.
www.tm.lg.prod.aadmsa.akadns.net. 600 IN CNAME prda.aadg.msidentity.com.
prda.aadg.msidentity.com. 600 IN CNAME www.tm.a.prd.aadg.akadns.net.
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.151
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.80
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.128
www.tm.a.prd.aadg.akadns.net. 600 IN A 20.190.163.21
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.86
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.129
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.87
www.tm.a.prd.aadg.akadns.net. 600 IN A 20.190.163.19
;; AUTHORITY SECTION:
akadns.net. 76175 IN NS a9-128.akadns.net.
akadns.net. 76175 IN NS a18-128.akagtm.org.
akadns.net. 76175 IN NS a3-129.akadns.net.
akadns.net. 76175 IN NS a13-130.akagtm.org.
akadns.net. 76175 IN NS a28-129.akagtm.org.
akadns.net. 76175 IN NS a7-131.akadns.net.
akadns.net. 76175 IN NS a1-128.akadns.net.
akadns.net. 76175 IN NS a12-131.akagtm.org.
akadns.net. 76175 IN NS a11-129.akadns.net.
;; Query time: 10 msec
;; SERVER: 202.103.44.150#53(202.103.44.150)
;; WHEN: Sun Aug 29 20:07:26 CST 2021
;; MSG SIZE rcvd: 501
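The two responses quoted above differ in ways that can be checked mechanically. The following is an added example, not part of the original post: it parses dig's default output and flags a resolver reply that claims authority without offering recursion, or that collapses the baseline's CNAME chain into a bare A record. The function names and the trimmed sample strings are constructed for illustration.

```python
import re

# Constructed samples: lines trimmed from the two dig outputs quoted in the post.
HIJACKED = """\
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
login.live.com. 300 IN A 223.75.236.241
;; Query time: 0 msec
"""
NORMAL = """\
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 9, ADDITIONAL: 0
;; ANSWER SECTION:
login.live.com. 600 IN CNAME login.msa.msidentity.com.
www.tm.a.prd.aadg.akadns.net. 600 IN A 40.126.35.151
;; AUTHORITY SECTION:
akadns.net. 76175 IN NS a9-128.akadns.net.
"""

def parse_dig(text):
    """Return (header flags, ANSWER-section records) from dig's default output."""
    m = re.search(r"^;; flags: ([a-z ]+);", text, re.M)
    flags = set(m.group(1).split()) if m else set()
    answers, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";;"):
            in_answer = "ANSWER SECTION" in line
        elif in_answer and line.strip() and not line.startswith(";"):
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            answers.append((name, int(ttl), rtype, rdata))
    return flags, answers

def suspicious(text, baseline):
    """List reasons a recursive resolver's reply looks forged next to a baseline reply."""
    flags, answers = parse_dig(text)
    _, base = parse_dig(baseline)
    reasons = []
    # A recursive resolver normally sets ra and does not claim authority for live.com.
    if "aa" in flags and "ra" not in flags:
        reasons.append("aa set and ra missing on a resolver reply")
    if any(r[2] == "CNAME" for r in base) and not any(r[2] == "CNAME" for r in answers):
        reasons.append("baseline uses a CNAME chain, reply is a bare A record")
    # Weak on its own: load-balanced names legitimately return different addresses.
    ips = {r[3] for r in answers if r[2] == "A"}
    if ips and not ips & {r[3] for r in base if r[2] == "A"}:
        reasons.append("no A record in common with baseline: " + ", ".join(sorted(ips)))
    return reasons

if __name__ == "__main__":
    for reason in suspicious(HIJACKED, NORMAL):
        print("SUSPICIOUS:", reason)
```

In practice the baseline should come from a resolver reached over a path you trust, since a plain UDP query to another server can be tampered with in the same way.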
1
XiLingHost 2021-08-25 16:06:57 +08:00
Don't use the DNS provided by your ISP
|
2
745839 2021-08-25 16:10:59 +08:00
I'd like to know how this notice is implemented
|
3
roiding 2021-08-25 17:14:51 +08:00
Doesn't everyone use the big companies' public DNS?
|
4
xiaodongus 2021-08-25 18:06:57 +08:00 1
China Telecom's DNS is poisoned to a China Mobile IP, so it looks like Telecom didn't do it... it was the relevant authorities
|
5
kebamt 2021-08-25 20:26:46 +08:00 via iPhone 1
The 🧱 country keeps interfering with the international Internet 🤮
|
6
fhbyljj 2021-08-25 20:33:05 +08:00 via Android 1
Listing this website as a scam
Their head must have been slammed in a door |
7
leafre 2021-08-25 20:58:11 +08:00
8.8.4.4
80.80.80.80 223.6.6.6 |
9
takeshima 2021-08-28 10:05:36 +08:00 via Android
Are they getting ready to kill off Microsoft?
|
10
hkezh 2021-09-12 00:20:44 +08:00 via iPhone
96110 is a locksmith's phone number in Harbin…
|