NAMED LOGS
Mark Andrews
marka at isc.org
Tue Jul 23 01:36:58 UTC 2013
In message <51EDCFAD.5030404 at uni-due.de>, =?ISO-8859-15?Q?Matth=E4us_Wander?= w
rites:
>
> Hi,
>
> Grace Ingabire writes:
> >
> > Does anyone know what is going on here? As I can't understand why we do
> > receive a lot of these messages in our logs.
> >
> > Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query
> > (cache) 'www.minghui.org.s210.ip4.verteiltesysteme.net/A/IN' denied
> >
> > [...]
>
> I'm the zone owner of verteiltesysteme.net. What you're seeing there are
> queries by open resolvers (more accurately: forwarders of open resolvers).
>
> This is part of a research project to measure the effect of the DNS
> injection censorship method. www.minghui.org is a name being blocked by
> by the Great Firewall of China via DNS injection. By querying for
> www.minghui.org.SUFFIX we can test whether the open resolver has a
> clean, uncensored path to your TLD nameservers.
How do you do that with a broken delegation? Did you think to ask
before delegating a zone to a zone not configured for it? What
does your Chancellor think about using uninformed third parties for
experiments like this?
> I'll add the addresses of .rw to our blacklist, so you won't be seeing
> any more of these queries. Sorry for inconvenience.
>
> Let me know if you have further questions.
>
> Regards,
> Matthaus Wander
>
> --
> University Duisburg-Essen
> Verteilte Systeme
> Bismarckstr. 90 / BC 316
> 47057 Duisburg
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list