[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Bogus Root DNS server Traffic.

From: Jason Giglio <jgiglio netmar com>
To: fedora-test-list redhat com, nanog merit edu
Cc:
Subject: Bogus Root DNS server Traffic.
Date: Mon, 27 Sep 2004 14:32:53 -0400

Hello,

This bug is in SuSe, Debian, every version of Red Hat I tested.

tcpdump -nl -i any -s 2048 dst port 53

ssh user host

14:53:30.239173 65.114.174.99.32778 > 205.171.3.65.domain: 64500+ AAAA? host.domain.com. (46) (DF) 14:53:30.267398 65.114.174.99.32778 > 205.171.3.65.domain: 64501+ AAAA? host. (26) (DF) 14:53:30.286020 65.114.174.99.32778 > 205.171.3.65.domain: 64502+ A? host.domain.com. (46) (DF)

That middle query is causing bogus root DNS server traffic every time someone sshs to an unqualified hostname within their LAN.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131610

SSH people won't take responsibility for this bug. The Fedora people won't take responsibility for this bug. I'm sick of trying to report this bug, so here it is.

I figured the administrators of root DNS servers should know about this, which is why I copied to NANOG. Who knows how much bogus traffic this issue is causing. My guess is lots.


--
Jason Giglio
IT Coordinator
Smyth Bedford, VA, USA
Phone: 540-586-2311x113

Follow-Ups:
- Re: Bogus Root DNS server Traffic.
  - From: Daniel Roesen
- Re: Bogus Root DNS server Traffic.
  - From: Ken Snider

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]