nanog mailing list archives
Re: you're not interesting, was Re: another brick in the wall[ed garden]
From: Martin Hannigan <martin () theicelandguy com>
Date: Fri, 15 May 2009 09:28:01 +0000 (UTC)
Anything traversing the edge. They are all revenue targets.

Best,

Martin

On 5/14/09, Mark Andrews <Mark_Andrews () isc org> wrote:

> In message <20090514223605.88104.qmail () simone iecc com>, John Levine writes:
>
> > > Dear Sprint EVDO people,
> > >
> > > Your man-in-the-middle hijacking of UDP/53 DNS queries against nameservers that I choose to query from my laptop on Sprint EVDO is not appreciated. Even less appreciated is your complete blocking of TCP/53 DNS queries.
> >
> > If I were an ISP, and I knew that approximately 99.9% of customer queries to random name servers was malware doing fake site phishing or misconfigured PCs that will work OK and avoid a support call if they answer the DNS query, with 0.1% being old weenies like us, I'd do what Sprint's doing, too.
> >
> > > And what's the next protocol that is going to be stomped on?
> >
> > If you're aware of a mechanical way for them to tell the difference, we're all ears.
>
> Well you can't answer a TSIG message without knowing the shared secret so you might as well just let it go through and avoid some percentage of support calls. Intercepting TSIG messages is guaranteed to generate a support call.
>
> Similarly intercepting "rd=0" is also guaranteed to generate a support call. You almost certainly have an iterative resolver making the query which will not handle the "aa=0" responses.
>
> Similarly there is no sane reason to block DNS/TCP other than they can do it.
>
> Mark
>
> > Regards,
> > John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
> > "More Wiener schnitzel, please", said Tom, revealingly.
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews () isc org
-- Martin Hannigan martin () theicelandguy com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
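
The quoted reply names two properties of a query that a redirecting resolver cannot answer correctly: a TSIG signature and rd=0. The following is an added example, not code from the thread or from any poster, showing how those two properties can be read mechanically from the DNS wire format; the function names, the key name `demo-key` and the sample queries are constructed for illustration.

```python
import struct

TYPE_TSIG = 250                       # TSIG pseudo-RR, carried in the additional section
FLAG_QR, FLAG_RD = 0x8000, 0x0100     # response bit, recursion-desired bit

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]             # IndexError here means a truncated message
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:     # a 2-byte compression pointer ends the name
            return off + 2
        off += 1 + length

def passthrough_reasons(msg):
    """List why a query should be forwarded untouched (empty list = no reason found)."""
    try:
        _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
        if flags & FLAG_QR:
            raise ValueError("not a query")
        reasons = [] if flags & FLAG_RD else ["rd=0"]
        off = 12
        for _ in range(qd):                   # question: name, type, class
            off = _skip_name(msg, off) + 4
        for _ in range(an + ns + ar):         # RR: name, 10-byte fixed part, rdata
            off = _skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10 + rdlen
            if rtype == TYPE_TSIG:
                reasons.append("tsig")
    except (IndexError, struct.error):
        raise ValueError("truncated DNS message") from None
    if off > len(msg):
        raise ValueError("truncated DNS message")
    return reasons

def _name(n):
    return b"".join(bytes([len(l)]) + l.encode() for l in n.split(".")) + b"\0"

def make_query(rd=True, tsig=False):
    """Constructed sample query for example.com A; the TSIG MAC is dummy bytes."""
    msg = struct.pack("!6H", 0x1234, FLAG_RD if rd else 0, 1, 0, 0, 1 if tsig else 0)
    msg += _name("example.com") + struct.pack("!HH", 1, 1)
    if tsig:
        rdata = (_name("hmac-sha256") + struct.pack("!HIHH", 0, 0, 300, 32)
                 + bytes(32) + struct.pack("!HHH", 0x1234, 0, 0))
        msg += _name("demo-key") + struct.pack("!HHIH", TYPE_TSIG, 255, 0, len(rdata)) + rdata
    return msg
```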