pharming.. dns cache insertion...

Barry Margolin barmar at alum.mit.edu
Sat Apr 9 01:50:58 UTC 2005


In article <d3787i$2nkm$1 at sf1.isc.org>,
 "bruce" <bedouglas at earthlink.net> wrote:

> oh.. come on barry!!
> 
> if it was easy, anybody could do it!!! akamai figured out how to essentially
> map the internet traffic in real time... surely this couldn't be that much
> harder!!!
> 
> note the humour!! but seriously, how might it be done...
> 
> as a basic question, how many dns servers are we talking about if we simply
> constrain it to the dns servers that are exposed...
> 
> has anybody ever researched this???

Many thousands, I guess.  Every organization that hosts their own DNS 
will likely have several nameservers.

If you constrain it just to the ones that can be found by listing zones 
that have open "allow-transfer" ACLs, I suspect you'll only find 
something like 10-25% of them.  In that case, what's the point?  From 
the context, I assume the intent is to get a list of valid nameservers, 
so that you can avoid caching delegations pointing to anything outside 
the list.  But if the list is seriously incomplete, you risk an enormous 
number of false negatives.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
