[dns-operations] Querying version.bind illegal?

Vitalie Cherpec vitalie at penguin.ro
Thu May 23 20:09:30 UTC 2013

I was worried that my ISP will not bother to read details, it's much
easier to kick-off a client paying for a  cheap VPS. :) I've responded
to both parties offering all the details, so far I didn't received any

@Phil I'm not scanning servers in advance, the servers are being queried
when an user is requesting a report for a zone through the web interface,
reports are cached on Amazon S3  (>1 month).

@Stephane Thanks for sharing the link with the IP list!

@John Great checklist!

I was looking for similar experiences and I'm glad I found a few here.

Thank you,

On Thu, May 23, 2013 at 4:39 PM, Vitalie Cherpec <vitalie at penguin.ro> wrote:

> Hi,
> I've developed a DNS checking tool (http://www.dnsinspect.com/).
> After 5 years of running it without any issues, I've received today a
> compliant through my ISP from a big company in a foreign country.
> They pretend that my VPS is attacking their infrastructure while
> querying their DNS server's version and this request can be regarded
> as cyber-terror attack (my tool tries only to warn users exposing the
> DNS software version).
> I've blacklisted their DNS servers from being queried in the future,
> but I would like to know if querying version.bind is illegal (in
> some countries)?
> Regards,
> Vitalie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130523/fd3c14af/attachment.html>

More information about the dns-operations mailing list