DNS Flag Day, Friday, Feb 1st, 2019

• Previous message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Next message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

And if you don’t want to go to the web site you can still see the content here

https://github.com/dns-violations/dnsflagday

> On 24 Jan 2019, at 4:32 pm, Mark Andrews <marka at isc.org> wrote:
> 
> Also as a lot of you use F5 servers here is information about DNS flag day
> fixes.
> 
> https://support.f5.com/csp/article/K07808381?sf206085287=1
> 
>> On 24 Jan 2019, at 3:51 pm, Christopher Morrow <morrowc.lists at gmail.com> wrote:
>> 
>> 
>> 
>> On Wed, Jan 23, 2019 at 11:45 PM Mark Andrews <marka at isc.org> wrote:
>> Well you can go to https://ednscomp.isc.org and click on "Test Your Servers Here”
>> which is what https://dnsflagday.net calls behind the scenes.  You will just need
>> to interpret the results as they apply to DNS flag day.  If you don’t want to go
>> there you can go to https://gitlab.isc.org and down load and compile the DNS
>> compliance tester and then run “genreport -i bind11 -e”. which is the actual test
>> code being run.
>> 
>> 
>> oh excellent, I'll do this version. thanks.
>> 
>> But hey you did do proper acceptance testing when you installed your DNS servers
>> and firewalls to ensure that they implemented the DNS protocol correctly and they
>> your firewalls don’t block well formed DNS queries (lots of them do by default).
>> 
>> 
>> I did, yes.
>> 
>> Mark
>> 
>>> On 24 Jan 2019, at 3:35 pm, Christopher Morrow <morrowc.lists at gmail.com> wrote:
>>> 
>>> 
>>> 
>>> On Wed, Jan 23, 2019 at 7:11 PM Brian Kantor <Brian at ampr.org> wrote:
>>> Quoting from the web site at https://dnsflagday.net/
>>> 
>>> 
>>> huh, from the 'dns illuminati' eh"
>>> 
>>> DNS hosted by gandi.net? resolves to 3 /32's on 3 adjacent /24's.. in github's ip space, routed by fastly.com ...
>>> I'm sure glad the  whois data for that domain is sensible too... :(
>>> 
>>> none of that particularly leaves me feeling like I should go put any data at all into the site.
>>> 
>>> -chris
>> 
>> -- 
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
>> 
> 
> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
> 

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

• Previous message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Next message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]