you're not interesting, was Re: another brick in the wall[ed garden]
Martin Hannigan
martin at theicelandguy.com
Fri May 15 09:28:01 UTC 2009
Anything traversing the edge. They are all revenue targets.
Best,
Martin
On 5/14/09, Mark Andrews <Mark_Andrews at isc.org> wrote:
>
> In message <20090514223605.88104.qmail at simone.iecc.com>, John Levine writes:
>> >Dear Sprint EVDO people,
>> >
>> >Your man-in-the-middle hijacking of UDP/53 DNS queries against
>> >nameservers that I choose to query from my laptop on Sprint EVDO is
>> >not appreciated. Even less appreciated is your complete blocking of
>> >TCP/53 DNS queries.
>>
>> If I were an ISP, and I knew that approximately 99.9% of customer
>> queries to random name servers was malware doing fake site phishing or
>> misconfigured PCs that will work OK and avoid a support call if they
>> answer the DNS query, with 0.1% being old weenies like us, I'd do what
>> Sprint's doing, too.
>
> And what's the next protocol that is going to be stomped on?
>
>> If you're aware of a mechanical way for them to tell the difference,
>> we're all ears.
>
> Well you can't answer a TSIG message without knowing the
> shared secret so you might as well just let it go through
> and avoid some percentage of support calls. Intercepting
> TSIG messages is guaranteed to generate a support call.
>
> Similarly intercepting "rd=0" is also guaranteed to generate
> a support call. You almost certainly have a interative
> resolver making the query which will not handle the "aa=0"
> responses.
>
> Similarly there is no sane reason to block DNS/TCP other than
> they can do it.
>
> Mark
>
>> Regards,
>> John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for
>> Dummies
>> ",
>> Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
>> "More Wiener schnitzel, please", said Tom, revealingly.
>>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
>
--
Martin Hannigan martin at theicelandguy.com
p: +16178216079
Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
More information about the NANOG
mailing list