[dns-operations] new public DNS service: 9.9.9.9
wbrown at e1b.org
wbrown at e1b.org
Mon Nov 20 18:04:44 UTC 2017
From: "Damian Menscher" <damian at google.com>
> Given the intent is to detect malicious hijacking, I'm not sure
> posting a query that can be imitated by others is useful. Instead,
> I recommend running a traceroute and confirming the path enters
> Google's network before reaching the final host.
Since the ISP could be hijacking just port 53 traffic, a better test is to
query for a totally bogus domain, and see what you get back. Google will
return NXDOMAIN, an ISP will usually take you to a search page or the
like.
Bill
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
More information about the dns-operations
mailing list