[dns-operations] Looking for a public blackhole/sinkhole IP address
Joe Abley
jabley at hopcount.ca
Wed Nov 26 22:36:59 UTC 2014
On 26 Nov 2014, at 17:05, Florian Lohoff <f at zz.de> wrote:
> On Wed, Nov 26, 2014 at 04:10:07PM -0500, Joe Abley wrote:
>
>> On 26 Nov 2014, at 14:06, Warren Kumari <warren at kumari.net> wrote:
>>
>>> What's wrong with 127.0.0.1? It makes it clear what the intent is, and
>>> you don't get a much more distributed sinkhole than that...
>>
>> I'm always wary of using 127.0.0.1 for anything that doesn't really mean "you
>> should talk to yourself". Without a comprehensive knowledge of the impact,
>> you don't know what you're blowing up.
>>
>>> If there really is a use case, let's try and get a block allocated,
>>> and encourage folk to anycast -> null0 for this.
>>
>> https://github.com/ableyjoe/draft-jabley-well-known-sinkhole
>>
>> Needs text. Not submitted. Co-authors welcome.
>
> Would it make sense to also mention an probably seperate address which should
> generate host unreachables? This should most likely be rate limited
> and probably tcp only or something.
My mental picture of a sinkhole is a hole into which things can be thrown without fear that they will come back out. What you're talking about sounds more like a volcano, which I would feel less happy standing next to with my bags of garbage. :-)
> For certain scenarios a quick "nothing here" could be useful
>
> E.g. sending smtp backscatter to a sink-hole or botnet command
> and control server.
Can you explain in more detail? I don't think I'm getting it.
If an end-user does something that triggers a packet to be sinkholed, who benefits if the sinkhole sources a packet back? This sounds like something that could be used to coordinate anonymous sinkhole backscatter towards arbitrary victims.
Joe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141126/281e5bd7/attachment.sig>
More information about the dns-operations
mailing list