[dns-operations] Capturing 8.8.8.8 Traffic

Noel Butler noel.butler at ausics.net
Tue Feb 26 00:02:22 UTC 2013


On Mon, 2013-02-25 at 12:52 -0800, Paul Hoffman wrote:


> X has made one tradeoff that the customer didn't



The tradeoff is blocking open public DNS resolvers like 8.8.8.8

You could I guess spoof them for the exact same reason, but border
router blocking might be better, after all, 
security risk - poisoned caches etc...  It's why no one here (I hope),
runs a public open resolver.

But adding it to the fine print in SFOA/T&C's etc,  might be beneficial
in case someone wants to break contract because of it.

and putting tin foil hat on now :)  it would log those requests, and who
knows what google does with that data, it sure as hell doesnt do it for
the goodness of the planet, there is a commercial reason behind every
decision and service they provide.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130226/7a364a6a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: face-smile.png
Type: image/png
Size: 873 bytes
Desc: not available
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130226/7a364a6a/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130226/7a364a6a/attachment.sig>


More information about the dns-operations mailing list