pharming.. dns cache insertion...

bruce bedouglas at earthlink.net
Fri Apr 8 21:02:07 UTC 2005


brad,

doh! hence the question!!!!!

i got to thinking about this after your 1st email... my basic question was,
is there a list/compilation of valid IP addresses, taking into account that
the list is completely dynamic.. has anyone tried to compile such a list?
how the hell would you even do it?

my understanding of DNS, and the ancillary issues is quite limited, as i've
never really had to immerse myself into it...

but i'm curious...

thanks for your help/replies...

bruce


-----Original Message-----
From: Brad Knowles [mailto:brad at stop.mail-abuse.org]
Sent: Friday, April 08, 2005 1:46 PM
To: bedouglas at earthlink.net
Cc: 'Brad Knowles'; comp-protocols-dns-bind at isc.org
Subject: RE: pharming.. dns cache insertion...


At 12:37 PM -0700 2005-04-08, bruce wrote:

>  i know that there are, i believe 7 or 13 master/root dns servers across the
>  net.

	Not individual machines, no.  Not anymore.  Thirteen root
nameserver IP addresses, but some are shared by multiple machines,
and some are shared by dozens of machines.  They are put behind
load-balancing switches, the IP addresses are distributed via
anycast, and a whole host of other high-availability/load-balancing
features are used.

>       is there a reasonable 'list'/compilation of all dns ip addresses?

	You mean all nameservers around the entire world?  No.  You'd
have to get a copy of every zone in existence and look at all the
advertised NS records, and even that would only tell you the ones
that are advertised -- plenty of people run "stealth" secondary
servers that are not advertised anywhere.  And then there are all the
caching-only servers which are not authoritative for anything.

	Even if you could get a copy of all domains around the world, by
the time you went through the list you'd have to go through it all over
again, because the list is constantly changing.

>  is this list available to the public? just talking about the external/public
>  ones, not the ones behind some nat router (192.168.x.x)

	I don't think you begin to understand the size and complexity of
the question.

--
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.


