[175686] in North American Network Operators' Group
RE: .mil postmaster Contacts?
daemon@ATHENA.MIT.EDU (Chuck Church)
Wed Oct 29 10:43:44 2014
X-Original-To: nanog@nanog.org
From: "Chuck Church" <chuckchurch@gmail.com>
To: <ahebert@pubnix.net>,
<nanog@nanog.org>
In-Reply-To: <5450E81F.6040104@pubnix.net>
Date: Wed, 29 Oct 2014 10:43:34 -0400
Errors-To: nanog-bounces@nanog.org
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Alain Hebert
Sent: Wednesday, October 29, 2014 9:14 AM
To: nanog@nanog.org
Subject: Re: .mil postmaster Contacts?
> Might be related to the news (CNN this morning) about the WH network being
exploited for a few days now.
> They might be going after some .mil to and the tightening up of those
networks may cause disruption.
I think it has to do with DNSSEC. The google DNS FAQ mentions (along with
someone else who emailed me off-list) checking DNSVIZ for issues. So
looking at:
http://dnsviz.net/d/disa.mil/dnssec/
seems to indicate some issues. RRSET TTL MISMATCH I think they all are.
Any DISA people on here? Using a non-Google DNS (which I guess isn't doing
DNSSEC validation) does resolve the names fine.
Chuck
