[dns-operations] Querying version.bind illegal?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu May 23 13:51:30 UTC 2013
On Thu, May 23, 2013 at 04:39:13PM +0300,
Vitalie Cherpec <vitalie at penguin.ro> wrote
a message of 73 lines which said:
> After 5 years of running it without any issues, I've received today
> a compliant through my ISP from a big company in a foreign country.
It is a common problem with active measurements. I note that most of
these complaints are stupid and misinformed.
> They pretend that my VPS is attacking their infrastructure while
> querying their DNS server's version and this request can be regarded
> as cyber-terror attack
Post the name of this Web server and we'll all send CH TXT
version.bind queries to it :-)
> I've blacklisted their DNS servers from being queried in the future,
Do note that OARC maintains its list, which is simpler than doing it
yourself:
https://www.dns-oarc.net/oarc/services/dontprobe
> I would like to know if querying version.bind is illegal (in some
> countries)?
IANAL but I suspect the moron who treathened you isn't either.
In France, we received no formal complaint :-) Those who read french
can see the result in
<http://www.bortzmeyer.org/versions-serveurs-dns.html>.
And speaking of security, pay attention to the CH TXT record of
ns1.conostix.com :-)
More information about the dns-operations
mailing list