[162051] in North American Network Operators' Group
Re: Open Resolver Problems
daemon@ATHENA.MIT.EDU (joel jaeggli)
Mon Apr 1 15:41:41 2013
Date: Mon, 01 Apr 2013 12:40:57 -0700
From: joel jaeggli <joelja@bogus.com>
To: Valdis.Kletnieks@vt.edu, Tony Finch <dot@dotat.at>
In-Reply-To: <10309.1364842775@turing-police.cc.vt.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 4/1/13 11:59 AM, Valdis.Kletnieks@vt.edu wrote:
> On Mon, 01 Apr 2013 19:40:03 +0100, Tony Finch said:
>
>> You should be able to get a reasonable sample of IPv6 resolvers from the query
>> logs of a popular authoritative server.
> Hopefully, said logs are not easily accessible to the miscreants.
Miscreants with popular zones clearly can do that.
Reverse-lookups for spam originating machines might for example be a
sufficient source of queries if you control the reverse zone.
The DNS makes it's own gravy.
> (I still expect the most feasible method for the miscreants is to start a
> botnet and see what boxes get handed an IPv6 DNS via dhcp6).
