[dns-operations] Hall of DNS Shame (?)
Ondřej Surý
ondrej.sury at nic.cz
Tue Jan 24 13:46:37 UTC 2017
Hi,
I've been thinking lately (after seeing all the DNS protocol violations)
that a collaborative list of all DNS protocol violations in the wild
might be beneficial to both DNS implementors and also to increase a
pressure on those operators to fix their issues.
Perhaps we can have such list at some neutral place like DNS-OARC?
Unfortunately I have a plenty of material I can contribute as of this
moment.
My favorite one is log.kmplayer.com that just appends some extra \0
bytes after the last RRSet in the answer. (Probably allocating a
fixed sized buffer and sending it whole instead of just the part
that was filled?)
Cheers,
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury at nic.cz https://nic.cz/
--------------------------------------------
----- Original Message -----
> From: "Theodore Baschak" <theodore at ciscodude.net>
> To: "dns-operations" <dns-operations at dns-oarc.net>
> Sent: Wednesday, 18 January, 2017 07:16:19
> Subject: Re: [dns-operations] Know anybody at McAfee/Intel Cloud DNS team?
> On Tue, Jan 17, 2017 at 9:13 PM, David < [ mailto:opendak at shaw.ca |
> opendak at shaw.ca ] > wrote:
>
>
>
> SonicWALL ( [ http://webcfs00.com/ | webcfs00.com ] ) is pretty bad at this too.
> Their "noise" account for about 10-15% of our servfail producing queries.
>
> Similarly, I've seen WISPs block fortigate FWs for their "abuse of port 53" as
> well.
More information about the dns-operations
mailing list