Recently, I had the oppertunity to talk to a DNS server at the hospital where I work. The reason I took time out of my busy day to converse with said server was the inability of the Information Protection department to prevent a particular PC from accessing the internet. On realizing that the IP settings on the computer I was physically sitting at were, in fact, correct, I decided to talk to our DNS server to get some answers.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.C:Documents and Settingssparky>ipconfig
Windows IP Configuration
Ethernet Adapter Local Area Connection
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . : 10.16.121.8
Subnet Mask . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . : 10.16.121.253
This is the IP address reported when at the physical computer in question, hostname ihs026830.
C:Documents and Settingssparky>ping ihs026830
Pinging ihs026830.ihs.org [10.16.131.36] with 32 bytes of data:
Reply from 10.16.131.36: bytes=32 time<1ms TTL=127 Reply from 10.16.131.36: bytes=32 time<1ms TTL=127 Reply from 10.16.131.36: bytes=32 time<1ms TTL=127 Reply from 10.16.131.36: bytes=32 time<1ms TTL=127 Ping statistics for 10.16.131.36: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
Where’d you get that from?
C:Documents and Settingssparky>nslookup 10.16.131.36
Server: dsmdc01.ihs.org
Address: 10.17.20.240Name: ihs026830.ihs.org
Address: 10.16.131.36
At least it’s consistently wrong.
C:Documents and Settingssparky>nslookup 10.16.121.8
Server: dsmdc01.ihs.org
Address: 10.17.20.240Name: imihs007200.ihs.org
Address: 10.16.121.8
I have no idea where or even what imihs007200 is.
C:Documents and Settingssparky>ping imihs007200
Pinging imihs007200.ihs.org [10.16.121.8] with 32 bytes of data:
Reply from 10.16.121.8: bytes=32 time<1ms TTL=127 Reply from 10.16.121.8: bytes=32 time<1ms TTL=127 Reply from 10.16.121.8: bytes=32 time<1ms TTL=127 Reply from 10.16.121.8: bytes=32 time<1ms TTL=127 Ping statistics for 10.16.121.8: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
Alrighty then!
Just out of curiosity, I queried our asset datebase (The DB wherein all information resides regarding computers, monitors, switches and such and their locations, when their lease expires, etc.) imihs007200 is marked as being end of lease, and returned to the lessor. Yet there it is, on our network, and pulling an IP address. Right…