[dns-operations] Querying version.bind illegal?

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu May 23 13:51:30 UTC 2013


On Thu, May 23, 2013 at 04:39:13PM +0300,
 Vitalie Cherpec <vitalie at penguin.ro> wrote 
 a message of 73 lines which said:

> After 5 years of running it without any issues, I've received today
> a compliant through my ISP from a big company in a foreign country.

It is a common problem with active measurements. I note that most of
these complaints are stupid and misinformed. 

> They pretend that my VPS is attacking their infrastructure while
> querying their DNS server's version and this request can be regarded
> as cyber-terror attack

Post the name of this Web server and we'll all send CH TXT
version.bind queries to it :-)

> I've blacklisted their DNS servers from being queried in the future,

Do note that OARC maintains its list, which is simpler than doing it
yourself:

https://www.dns-oarc.net/oarc/services/dontprobe

> I would like to know if querying version.bind is illegal (in some
> countries)?

IANAL but I suspect the moron who treathened you isn't either.

In France, we received no formal complaint :-) Those who read french
can see the result in
<http://www.bortzmeyer.org/versions-serveurs-dns.html>.

And speaking of security, pay attention to the CH TXT record of
ns1.conostix.com :-)



More information about the dns-operations mailing list