• The seenthis.net domain has a wildcard, which means that every name under seenthis.net exists. Try http://nimportequoi.seenthis.net and you will see.

    One amusing consequence is that "passive DNS" databases, such as #DNSDB, keep a record of all the funny names that were tried one day by someone, anywhere on the Internet (at least if their #DNS resolver was feeding DNSDB). Here is the list:


  • Big denial-of-service (#déni_de_service) attack yesterday and today against the #IRC server #Freenode. There is talk of 50 Gb/s.

    http://status.engineyard.com/incidents/rs81b00526v2

    To limit the damage, the Freenode people are deliberately injecting incorrect DNS records, pointing to the machine's local address (127.0.0.1). Some examples:

    https://twitter.com/carsso/status/430296872868003840/photo/1

    https://gist.github.com/bortzmeyer/8782108

    // Resolve irc.freenode.net, then drop 127.0.0.1 from the returned addresses if present
    $targets = gethostbynamel("irc.freenode.net");
    $index = array_search('127.0.0.1', $targets);
    if ($index !== FALSE) {
        unset($targets[$index]);
    }

    #DNSDB also shows uses of these local addresses, for example:

    bailiwick freenode.net.
    count 0
    first seen 2014-02-03 09:11:42 -0000
    last seen 2014-02-03 09:11:42 -0000
    chat.freenode.net. A 38.229.70.20
    chat.freenode.net. A 82.96.64.4
    chat.freenode.net. A 86.65.39.15
    chat.freenode.net. A 127.0.0.1
    chat.freenode.net. A 127.0.0.2
    chat.freenode.net. A 128.237.157.136
    chat.freenode.net. A 130.239.18.172
    chat.freenode.net. A 193.219.128.49
    chat.freenode.net. A 208.80.155.68

  • On Thursday 20 June around 0000 UTC, a number of domains were redirected to Ztomy's name servers. Here, for example, is what happened to the most famous of these domains, linkedin.com, as seen by DNSDB <http://www.bortzmeyer.org/dnsdb.html>:

    first seen 2013-06-20 00:17:09 -0000
    last seen 2013-06-20 04:13:15 -0000
    linkedin.com. NS ns1617.ztomy.com.
    linkedin.com. NS ns2617.ztomy.com.

    According to some reports, 50,000 domains are affected. Cisco, through passive observation of the DNS (like DNSDB), has confirmed 5,000 <http://blogs.cisco.com/security/hijacking-of-dns-records-from-network-solutions>.

    Since Ztomy's name servers did not provide the expected answers, nobody could reach the services of these domains any more. This naturally generated buzz <http://www.theregister.co.uk/2013/06/20/linkedin_dns_hijacked> <http://www.reddit.com/r/netsec/comments/1gpl3p/linkedin_dns_has_been_hijacked_pointing_at_rogue> <http://techcrunch.com/2013/06/19/linkedin-outage-due-to-possible-dns-hijacking> but, as is often the case with the DNS, without reliable technical information and with very loose vocabulary ("DNS poisoning" used indiscriminately).

    The registrar of linkedin.com, Network Solutions, acknowledges its fault, in a statement very short on detail and containing at least one major error (the problem was not Web but DNS) <https://www.networksolutions.com/blog/2013/06/important-update-for-network-solutions-customers-experiencing-webs>

    The best summary article on this problem, written by competent people, is the ISC's <http://www.isc.org/blogs/hijacking-dns-error-ddos-what-happened-and-what-you-can-do>.

    So it does seem that the problem was human error or a bug: intending to redirect attacked domains to a denial-of-service mitigation service (a service you pay so that the war takes place on their premises), Network Solutions made a mistake and sent its customers to Ztomy. Less sexy than a hack, but more common. There are more clumsy people than Chinese or Iranian cyberwarriors.

    The incident was a reminder of how hard coordination is on the Internet: once the problem was fixed, the caches of DNS resolvers <http://www.bortzmeyer.org/vider-cache-resolveur.html>, which were keeping the wrong information in memory, had to be flushed. Attempts by Network Solutions, via unauthenticated messages containing no details, drew some sarcasm <https://lists.dns-oarc.net/pipermail/dns-operations/2013-June/010346.html>.

    The problem is probably still going on right now, since the TTLs of the domains are often very long (here, two days):

    craigslist.com. 172800 IN NS ns1620.ztomy.com.
    craigslist.com. 172800 IN NS ns2620.ztomy.com.

    #LinkedIn #NetworkSolutions #DNSDB #résilience #DNS #sécurité
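
The two kinds of passive-DNS observation quoted above (loopback A records for chat.freenode.net, Ztomy NS records for linkedin.com) can be flagged mechanically, along with how long a resolver cache may keep the bad NS set. This is an added example, not code from the original posts or from DNSDB; `EXPECTED_NS` and the function names are hypothetical, and the two-day TTL on the sample NS lines is borrowed from the craigslist.com example.

```python
import ipaddress
import re
from datetime import datetime, timedelta, timezone

# Constructed sample: record lines in the layouts quoted on this page. The
# two-day TTL on the NS lines is borrowed from the craigslist.com example.
SAMPLE = """\
bailiwick freenode.net.
first seen 2014-02-03 09:11:42 -0000
last seen 2014-02-03 09:11:42 -0000
chat.freenode.net. A 82.96.64.4
chat.freenode.net. A 127.0.0.1
chat.freenode.net. A 127.0.0.2

first seen 2013-06-20 00:17:09 -0000
last seen 2013-06-20 04:13:15 -0000
linkedin.com. 172800 IN NS ns1617.ztomy.com.
linkedin.com. 172800 IN NS ns2617.ztomy.com.
"""

# Hypothetical allowlist: zones the owner expects its name servers to live under.
EXPECTED_NS = {"linkedin.com.": ("dns.example.",)}

RR = re.compile(r"^(\S+\.)\s+(?:(\d+)\s+IN\s+)?(A|AAAA|NS)\s+(\S+)$")
STAMP = re.compile(r"^(first|last) seen (\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) -0000$")

def parse(text):
    """Group lines into observations; a blank line separates two observations."""
    observations, current = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            current = None
            continue
        if current is None:
            current = {"rrs": []}
            observations.append(current)
        if m := STAMP.match(line):
            when = datetime.strptime(m.group(2), "%Y-%m-%d %H:%M:%S")
            current[m.group(1)] = when.replace(tzinfo=timezone.utc)
        elif m := RR.match(line):
            name, ttl, rtype, rdata = m.groups()
            current["rrs"].append(
                (name.lower(), int(ttl) if ttl else None, rtype, rdata.lower()))
    return observations

def under(host, zones):
    """True if host equals, or is a subdomain of, one of the zones (label-aligned)."""
    return any(host == z or host.endswith("." + z) for z in zones)

def findings(observations, expected_ns):
    """Return (kind, owner, rdata, cached_until) tuples for suspicious records."""
    out = []
    for obs in observations:
        for name, ttl, rtype, rdata in obs["rrs"]:
            if rtype in ("A", "AAAA") and ipaddress.ip_address(rdata).is_loopback:
                out.append(("loopback-address", name, rdata, None))
            elif rtype == "NS" and name in expected_ns and not under(rdata, expected_ns[name]):
                # A resolver that cached this at the last sighting may serve it until then + TTL.
                until = obs["last"] + timedelta(seconds=ttl) if ttl and "last" in obs else None
                out.append(("unexpected-nameserver", name, rdata, until))
    return out

if __name__ == "__main__":
    for finding in findings(parse(SAMPLE), EXPECTED_NS):
        print(finding)
```

The `cached_until` value is only what the sensors' last sighting implies; resolvers that fetched the record later, unobserved, can hold it longer.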

  • Exploring past DNS content with DNSDB

    The #DNS can be seen as a large database distributed across the whole planet. This database contains data, the records. These records can change over time, sometimes quite quickly, and one would often like to go back in time. Did the IP address of google.ro change on 28 November 2012? What happened to meteofrance.com on 20 November 2012? When did the IPv6 address record for ovh.com appear? The #DNSDB service from #ISC answers these questions. It is a true Internet Archive for the DNS.

    http://www.bortzmeyer.org/dnsdb.html