Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?

Valdis Kl=?utf-8?Q?=c4=93?=tnieks valdis.kletnieks at
Fri Aug 20 20:48:15 UTC 2021

On Fri, 20 Aug 2021 01:32:16 +0700, Pirawat WATANAPONGSE via NANOG said:

> 1. How-to monitor whether some outsiders are putting our IP addresses into
> their A/AAAA records without me knowing about it?

So some bozo sticks an entry in their DNS that says   A

Who cares? What problem does this cause?

You'd never even know it unless somebody/something actually *uses*
the DNS record - which will result in traffic to the address.  And at that
point, you usually don't care what DNS entry was used, except for the
case of a webserver serving multiple names and using different TLS
certificates for each name.

> 2. How-to monitor whether some outside websites are just ‘shells’, with
> contents actually being hosted by our servers without me knowing about it?

Again - what actual problem are you trying to solve here?  If you're being used
as a cache or backend site and don't know it, you have *bigger* problems.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 494 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list