<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Root-Servers missing: g.root-servers.net and k.root-servers.net
- To: Ga <ga@xxxxxxxxxxxxxx>
- Subject: Re: [ga] Root-Servers missing: g.root-servers.net and k.root-servers.net
- From: Peter Dambier <peter@xxxxxxxx>
- Date: Tue, 29 Jul 2008 20:21:14 +0200
Hello,
I am glad to report they are all back now.
I missed "G" for half a day.
Interestingly enough I found out
; <<>> DiG 9.4.0 <<>> +norec @k.root-servers.net chaos txt id.server
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54798
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;id.server. CH TXT
;; ANSWER SECTION:
id.server. 0 CH TXT "k1.linx.k.ripe.net"
;; Query time: 83 msec
;; SERVER: 193.0.14.129#53(193.0.14.129)
;; WHEN: Mon Jul 28 18:11:21 2008
;; MSG SIZE rcvd: 58
I expected "kserver.denic" for Frankfurt, but that is London.
I am told that is due to the peculiar peering policy of DTAG.de, my ISP.
What made my hairs stand on the end was to know that a lot
of people including me, feel ANYCAST is kind of a routing error.
Everybody is concerned about ISPs and Apple to fix their DNS-servers
to hide hide a bug that is as old as Cashpureff's attack.
Nobody thinks how easy it is to steal the /24 anycast cloud of
each one of the root-servers.
There are some 20 "k.root-servers.net, most of them in europe.
Stealing one of them a share of its clients will get you an
awful lot of PCs you can direct to a site with a troyan.
DNSSEC does not prevent it. The poor clients wont even see it.
The patch does not prevent it. There is no need to guess ports
or numbers.
Kind regards
Peter
--
Peter and Karin Dambier
Planet Communication and Computing Facility
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter@xxxxxxxx
http://www.pccf.net/
http://www.peter-dambier.de/
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|