matthaeus.wander at uni-due.de
Tue Jul 23 00:34:53 UTC 2013
Grace Ingabire writes:
> Does anyone know what is going on here? As I can't understand why we do
> receive a lot of these messages in our logs.
> Jul 22 14:18:21 ns1 named: client 220.127.116.11#43576: query
> (cache) 'www.minghui.org.s210.ip4.verteiltesysteme.net/A/IN' denied
I'm the zone owner of verteiltesysteme.net. What you're seeing there are
queries by open resolvers (more accurately: forwarders of open resolvers).
This is part of a research project to measure the effect of the DNS
injection censorship method. www.minghui.org is a name being blocked by
by the Great Firewall of China via DNS injection. By querying for
www.minghui.org.SUFFIX we can test whether the open resolver has a
clean, uncensored path to your TLD nameservers.
I'll add the addresses of .rw to our blacklist, so you won't be seeing
any more of these queries. Sorry for inconvenience.
Let me know if you have further questions.
Bismarckstr. 90 / BC 316
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5156 bytes
Desc: S/MIME Cryptographic Signature
More information about the bind-users