> Is there something special about RFC1918 in this respect? Wouldn't
> these resolvers not work for all of the IN-ADDR.ARPA space? Wouldn't
> they be hitting the roots with all kinds of PTR queries?
Good question. Certainly I do see plenty of non-1918 PTR queries as well,
but I don't have good s
Duane Wessels wrote:
The IN-ADDR.ARPA delegations for RFC1918 space are just like any
other block. You'll just end up hitting IANA's blackhole servers,
and not all that much, the cache times are one week.
In theory, yes.
In reality there are quite a few resolvers that, apparently, do not
receiv
On Tue, 16 Mar 2004 10:08:28 PST, bill said:
> http://www.nanog.org/mtg-0210/wessels.html
> has some very good information about some of the
> problems w/ leaked queries.
>
> http://as112.net/ has some mitigation stratagies.
That mitigates the issue, but fails to deal wi
> The IN-ADDR.ARPA delegations for RFC1918 space are just like any
> other block. You'll just end up hitting IANA's blackhole servers,
> and not all that much, the cache times are one week.
In theory, yes.
In reality there are quite a few resolvers that, apparently, do not
receive the delegation
On 16.03 11:22, Geo. wrote:
>
> Can anyone point me at any papers that talk about security issues raised by
> private networks passing dns requests for RFC 1918 private address space out
> to their ISP's dns servers?
RFC1918
On 16 Mar 2004, at 13:07, Crist Clark wrote:
The IN-ADDR.ARPA delegations for RFC1918 space are just like any
other block. You'll just end up hitting IANA's blackhole servers,
and not all that much, the cache times are one week.
Also, those blackhole servers are anycast, so they might even be
a
>
> Can anyone point me at any papers that talk about security issues raised by
> private networks passing dns requests for RFC 1918 private address space out
> to their ISP's dns servers?
>
> I'm aware of the issues involved with an ISP passing the requests on to the
> root servers but was look
Geo. wrote:
Can anyone point me at any papers that talk about security issues raised by
private networks passing dns requests for RFC 1918 private address space out
to their ISP's dns servers?
I've never seen the whole paper on the topic. Leaking the fact that
you use 10.10.10.0/24 or whatever int
On Tue, 16 Mar 2004 11:22:55 EST, "Geo." <[EMAIL PROTECTED]> said:
> I'm aware of the issues involved with an ISP passing the requests on to the
> root servers but was looking specifically for security type issues relating
> to a private network passing the requests out to their ISP's dns servers
Can anyone point me at any papers that talk about security issues raised by
private networks passing dns requests for RFC 1918 private address space out
to their ISP's dns servers?
I'm aware of the issues involved with an ISP passing the requests on to the
root servers but was looking specificall
10 matches
Mail list logo
