[dns-operations] Just another "sitefinder" ISP

Mark Andrews Mark_Andrews at isc.org
Thu May 22 23:09:11 UTC 2008

> On May 22, 2008, at 4:06 AM, Florian Weimer wrote:
> > Kabel Deutschland
> > makes it non-transparent, currently on the customer's entry point to  
> > the
> > DNS network.
> ...
> > Using magic addresses for the root servers would only encourage such
> > tampering.  So I agree that it's not a good idea.
> Again, the root server addresses are already well known and must be.   
> Locking down those addresses so that we don't have to deal with  
> traffic going to "old root server" addresses is completely orthogonal  
> to the fact that some caching server operators have decided to muck  
> with the data they serve.
> Regards,
> -drc

	What really suprises me is that there havn't been any reports
	of "cease and desist" requests from companies who have
	NXDOMAIN's coming from their authoritative servers re-written
	into address being sent to these ISP's.

	This is a documented threat and impacts on the reputation
	of companies who's responses are being re-written.  What
	would be nice is for the request to be ignored and there
	to be some case law established.  I would think a company
	that signs its zones would have a much stronger case as it
	is clear that they have taken steps to ensure that the data
	returned from their servers cannot be compromised without
	it being detected.


> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list