pbarber at pietbarber.com
Wed Mar 12 18:51:18 GMT 2003
> Saw this reference to a NANOG message on the dnsop mailing list and was
> amused that someone had created the acronym:
Hey! That was my post on DNSop! Small world.
> This was prompted by misconfigured firewalls blocking DNS replies to
> buggy resolvers and causing undue load on the root DNS servers:
Hey that's my draft! Small world. :)
We get mail about twice a week where somebody is angrily accusing us of
hacking their network, when the IP address is clearly A root, the
source port is clearly port 53, and the content is DNS.
That is not to say that the bad guys aren't capable of spoofing the a
root's address to do probes identical to this. It just doesn't ever seem
to be the case. In a response, we identify the likely cause -- firewall
misconfiguration, and we almost always get a message shortly thereafter
saying something along the lines of:
"Sorry, You're right. Our problem. Bad firewall config"
More information about the list