[dns-operations] cctld enumeration attack
Petr Špaček
pspacek at isc.org
Mon Jul 1 08:46:03 UTC 2024
On 13. 06. 24 12:06, Stephane Bortzmeyer wrote:
> On Mon, Jun 10, 2024 at 04:43:27PM -0700,
> Randy Bush <randy at psg.com> wrote
> a message of 8 lines which said:
>
>> anyone else seeing somewhat serious distributed cctld enumeration
>> attempts?
>
> A consequence of this talk (in French) at the SSTIC conference (5-7
> june)?
>
> https://www.sstic.org/2024/presentation/dig_com_axfr_dnssec__lister_linternet_grce__dnssec/
>
> The tool:
>
> https://github.com/arisada/malifar
The conclusion in
5.4 L'approche pragmatique
got me :-)
TL;DR: We can have lots of fun with NSEC3 but better open the zone right
away :-)
--
Petr Špaček
More information about the dns-operations
mailing list