[dns-operations] About open DNS resolvers

WBrown at e1b.org WBrown at e1b.org
Tue Aug 21 11:59:37 UTC 2012


esolve esolve <esolvepolito at gmail.com> wrote on 08/20/2012 01:12:47 PM:

>       1 about the testing methodology, it needs to build a DNS 
> server and check whether it receives queries. Why can we just use 
> "dig @target_ip www.example.com" and see whether we can get a result?

Yes, you test that.  But perhaps that DNS server is used as a recursive 
name server for clients of the owner.  It could have the data in its cache 
and would answer your query with the cached data.  By checking that their 
authoritative name server received a query, that proves the server in 
question is open to recursion from the outside.





Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.



More information about the dns-operations mailing list