Windows 7 loopback address 127.0.0.1 resolved via external DNS server?
Hello,
A week or two ago I ran a small DNS resolution benchmark utility DNSBench, available athttp://www.grc.com/dns/benchmark.htm I use Windows 7 x64 Ultimate edition.
As I understand it, Windows 7 has changed from previous editions of Windows: the IPv4 and IPv6 name and numbers of the localhost loopback address are handled directly in the TCP/IP stack without reference to the hosts files (of course, it is still possible,
I'm assuming, to add names to the hosts file that resolve to those loopback IP numbers).
Since running that program, the network monitoring component of the
anti-virus/anti-spyware program I use (Online-Armor) has been
consistently resolved the local loopback address 127.0.0.1 as
net127.rebindtest.com instead of just leaving it as 127.0.0.1, when it
displays messages that involve the loopback address.
Windows 7 seems to be using an external DNS source to resolve the loopback address, which is simply bizarre.
I scoured the registry, flushed the Windows 7 DNS cache, examined
the hosts file, ensured no spyware is active, etc., and there is no
trace of net127.rebindtest.com , but 127.0.0.1 stills resolves as
net127.rebindtest.com :
C:\Windows\system32>nslookup
net127.rebindtest.com
Server: dns2.pppoe.ca
Address: 206.248.154.170
Non-authoritative answer:
Name: net127.rebindtest.com
Addresses: 127.0.0.1
127.0.0.1
nslookup net127.rebindtest.com
Server: google-public-dns-b.google.com
Address: 8.8.4.4
Non-authoritative answer:
Name: net127.rebindtest.com
Addresses: 127.0.0.1
127.0.0.1
Finally, I used the DNS lookup service at www.robtex.com to get the actual DNS records for net127.rebindtest.com http://www.robtex.com/dns/net127.rebindtest.com.html#records
net127.rebindtest.com
a
127.0.0.1
-
localhost
?
::ffff:7f00:1
-
(none)
rebindtest.com
ns-soa
rebindtest.com
(none)
ns
ns4.customer.level3.net
327 days old
209.244.4.53
United States
209.244.0.0/14
Level 3 Communications
AS3356
Level3 Level 3 Communications
ns6.customer.level3.net
8 days old
209.244.4.85
United States
What is going on here, and how can I revert these changes the DNS benchmark
seems to have made to my system's DNS resolution behaviour?OS: Windows 7 X64 Ultimate. Hardware: Notebook
December 11th, 2010 2:01pm