[68765] in North American Network Operators' Group
Re: DNS requests for 1918 space
daemon@ATHENA.MIT.EDU (bill)
Tue Mar 16 13:12:31 2004
From: bill <bmanning@karoshi.com>
To: georger@getinfo.net (Geo.)
Date: Tue, 16 Mar 2004 10:08:28 -0800 (PST)
Cc: nanog@nanog.org
In-Reply-To: <EKECJMGPAACGOMIGLJJDOEICEBAA.georger@getinfo.net> from "Geo." at Mar 16, 2004 11:22:55 AM
Errors-To: owner-nanog-outgoing@merit.edu
>
> Can anyone point me at any papers that talk about security issues raised by
> private networks passing dns requests for RFC 1918 private address space out
> to their ISP's dns servers?
>
> I'm aware of the issues involved with an ISP passing the requests on to the
> root servers but was looking specifically for security type issues relating
> to a private network passing the requests out to their ISP's dns servers.
>
> Geo.
>
http://www.nanog.org/mtg-0210/wessels.html
has some very good information about some of the
problems w/ leaked queries.
http://as112.net/ has some mitigation stratagies.
--bill