Ruckman.net

I recently ran into a interesting issue where a Windows Vista machine would wait for 2 minutes to login after the password was typed in. But it would only occur when the laptop was connected to a network with internet access that was not its normal domain network.

After hooking the laptop to a hub with another PC, i started Wireshark to log all packets. After sifting through the data I found that it was attempting to connect to the primary domain controller by domain name, and consecutively trying to connect to all 5 secondary domain controllers by domain name.

What I found was that the domain names were not pointing to the domain servers across the internet, which would be dumb, but were trying to resolve the domain using yahoo name servers which didn’t know the internal sub domains. It was connecting to Yahoo’s name servers because that is who they have hosting their external DNS for them. Yahoo’s name servers redirected the connections to their main website instead because it was a catch-all address.

The problem is in three different places here.

1. Split DNS is being used - They are using a internal DNS server to resolve their subdomains internally, but these subdomains are not known externally so when they are remote they do not resolve properly.
2. A catch-all address is being used on yahoo’s name servers - This is causing any unknown subdomains to be redirected to the main domain name. Which in this case, is the main website which doesn’t house the domain server.
3. The requests are hitting yahoo’s firewall and it is dropping the packets instead of sending a ICMP error message - This is causing the TCP connections to hang for the default amount of time causing windows to wait before logging in.

This problem is obviously caused by DNS issues. In order to remedy the problem, I had to fix the broken split DNS issues.

To do this you have two options:

1. Remove the wildcard from DNS.
2. Redirect the problem subdomains to 127.0.0.1

Removing the wildcard from DNS is the preferred solution. This will cause the DNS server to report “no such name” which will terminate the connection before it is established.

If you cannot remove the wildcard from DNS then you will want to manually make DNS records that point to 127.0.0.1

Such as:

• subdomain1.example.com > 127.0.0.1
• subdomain2.example.com > 127.0.0.1

This will cause the connection to redirect to your localhost when offsite using global DNS. Your localhost will then report that connection unusable which will terminate the connection right away.

The boot up times decreased by 75%!

From 2 minutes to 30 seconds. That is an improvement! The lesson here is to make sure your DNS is correct.

Although, it would be nice if Microsoft would release a patch that would do this in the background after it loads your desktop instead of waiting for the connections to terminate!

I would also like to thank the genius who set up the DNS incorrectly and created all this wonderful work for me. Much appreciated!

Have you ever been using your command line and found that you would like to see the man page in front of you and also be able to craft your command without the wasted resources of a X-Server on your Linux server?

This may seem pretty elementary to some of you 1337 haxtorizors, but I think this tip is important to post in order to help Linux beginners accelerate their learning experience and ease of use.

The secret is to use the “screen” command. And I will tell you all the commands you need in order to make it work wonders for you. But first a little copy and paste from the screen website: (LINK)

“Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Each virtual terminal provides the functions of the DEC VT100 terminal and, in addition, several control functions from the ANSI X3.64 (ISO 6429) and ISO 2022 standards (e.g., insert/delete line and support for multiple character sets). There is a scroll back history buffer for each virtual terminal and a copy-and-paste mechanism that allows the user to move text regions between windows. When screen is called, it creates a single window with a shell in it (or the specified command) and then gets out of your way so that you can use the program as you normally would. Then, at any time, you can create new (full-screen) windows with other programs in them (including more shells), kill the current window, view a list of the active windows, turn output logging on and off, copy text between windows, view the scroll back history, switch between windows, etc. All windows run their programs completely independent of each other. Programs continue to run when their window is currently not visible and even when the whole screen session is detached from the users terminal.”

From the description above you will notice that there are some other advantages to using screen besides the ability to split screen your console. For instance, if you are using putty on a somewhat unstable internet connection and your connection is lost you will lose your console session and any program instance that is running. But if you are using screen your terminal instance will continue to run even if you lose your connection and all you have to do is reconnect and reattach to your screen session.

If you do not have screen, you can obtain it at the link listed above or from your Linux distros update command such as yum or apt-get.

I will now give you the commands you require to use screen efficiently. Any command when you are inside screen begins with “CNTL-A”.

To start you will have to call the first instance of screen. You can combine a lot of these commands into one command line argument but I prefer to show you one command at a time. Run the following command:

screen

You will now see the shell prompt again. To split screen hit the following key combinations:

CNTL-A

SHIFT-S

You will now need a second screen instance to run in the bottom window. Run the screen command again:

screen

Run a command such as “man”, “htop”, or top. You will notice that it fills the top half of the screen.

You will now have to toggle to the bottom screen by hitting the following key combinations:

CNTL-A

TAB

You will now be in the bottom window, although you will not see your command prompt yet. You will have to toggle through the instances of screen in the bottom window to get to it. Use the following key combinations to do this:

CNTL-A

N

or:

CNTL-A

P

The “N” stands for next and the “P” stands for previous. It just allows you to step forward and backward through as many instances of screen that you have running. If you see the same output in both windows just do the same key combo again to get to the next version of screen.

Once you get the shell prompt in the bottom screen you can run your second command and view the output from both running instances. You can now view a man page in the top window and craft your command below or view htop and iftop in the same window at the same time. You can also split the screen more times but I wouldn’t recommend it unless you have some decent resolution set for your text console which can be controlled in your boot options in grub or lilo but that is another lesson.

You may find a few more commands useful during your stay with screen. You may with to leave the current session running in the background and jump back to you regular console. You can do that by detaching which is done with the following key combo:

CNTL-A

D

Now that you are detached, which is what also happens during loss of connectivity, you may want to reattach to one of your screen instances. You will first need to list the instances of screen by typing the following command:

screen -list

You will the get a list similar to:

There is a screen on:
3880.pts-0.localhost (Detached)

To reattach to the instance listed above, type:

screen -r 3880.pts-0.localhost

The part after “-r” will change depending on your linux box.

You will notice that you are now back into your detached session of screen.

Now that you know the basics of screen, I am sure you will become accelerated at learning other Linux commands. Take care, and enjoy the ease of use!