[dns-operations] ip id from servers

Robert Edmonds edmonds at isc.org
Thu Mar 11 09:33:13 UTC 2010


sthaug at nethelp.no wrote:
> > I can only confirm a few of these from here (Oslo, Norway). What I see
> > is pretty bad. *All* of the DNS answers I receive from these 3 servers
> > have IP ID 0:
> > 
> > > 193.0.0.195   ns-pri.ripe.net.
> > > 192.54.112.30 h.gtld-servers.net.
> > > 202.12.28.140 sec3.apnic.net.
> 
> Some more high volume servers which only use IP ID 0 as seen from here:
> 
> 192.33.14.30	b.gtld-servers.net
> 192.43.172.30	i.gtld-servers.net
> 204.74.66.132	ns1.facebook.com
> 195.166.81.54	de1.sophosxl.com
> 195.166.81.55	de2.sophosxl.com
> 150.70.147.168	ns2.hashserver.cs.trendmicro.com
> 195.41.131.110	d.ns.spamhaus.org

perhaps they are running linux 2.4?

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0510

-- 
Robert Edmonds
edmonds at isc.org



More information about the dns-operations mailing list