[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Yet another Quadruple DNS?

Subject: Yet another Quadruple DNS?
From: math at sizone.org (Ken Chase)
Date: Thu, 29 Mar 2018 12:34:37 -0400
In-reply-to: <CAPkb-7AYFstetV9dZdndT4DgyGEPsWjWAJoEd_vHBFBBNaBj6A@mail.gmail.com>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <20180329T131245Z@localhost> <[email protected]> <[email protected]> <[email protected]> <CAPkb-7AYFstetV9dZdndT4DgyGEPsWjWAJoEd_vHBFBBNaBj6A@mail.gmail.com>

Who's got visible projects looking to detect this from various points/regimes
on the internet? 

(University of Toronto's IXMaps group whom I advised a few times over the
years did something similar for routes, not that BGPlay isnt out there, but
they translated it into human as a sociology project - borne of the Carnivore
era. https://www.ixmaps.ca/ )

Im glad no one said Namecoin yet.

Oops.

/kc


On Thu, Mar 29, 2018 at 04:26:47PM +0000, Baldur Norddahl said:
  >>
  >>
  >> Technically, tweaking your DNS resolver to lie (and/or to log) is much
  >> easier and faster (and waaaaay less expensive) than setting up a
  >> packet interception and rewriting device at line rate.
  >>
  >
  >It is just a static /32 route for well known DNS resolvers to the ISP
  >resolver. It is free and trivial. To make your resolver reply with the
  >correct IP you simply add all the well known /32 addresses to the localhost
  >interface.
  >
  >To get any service instead of just well known ones, you can use source
  >routing based on the port nummer 53. Direct this to a Linux server that
  >will NAT the traffic towards the ISP DNS. This is also trivial and free,
  >provided your routers support source routing (ours do).
  >
  >Detectable yes, but also hard to escape for the average user. They will
  >need to go full VPN. Running your own resolver will not work.
  >
  >Regards
  >
  >Baldur

-- 
Ken Chase - math at sizone.org Guelph Canada

References:
- Yet another Quadruple DNS?
  - From: daknob.mac at gmail.com (DaKnOb)
- Yet another Quadruple DNS?
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
- Yet another Quadruple DNS?
  - From: mattlists at rivervalleyinternet.net (Matt Hoppes)
- Yet another Quadruple DNS?
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
- Yet another Quadruple DNS?
  - From: chip at 2bithacker.net (Chip Marshall)
- Yet another Quadruple DNS?
  - From: izaac at setec.org (Izaac)
- Yet another Quadruple DNS?
  - From: Brian at ampr.org (Brian Kantor)
- Yet another Quadruple DNS?
  - From: cma at cmadams.net (Chris Adams)
- Yet another Quadruple DNS?
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)
- Yet another Quadruple DNS?
  - From: baldur.norddahl at gmail.com (Baldur Norddahl)

Prev by Date: Yet another Quadruple DNS?
Next by Date: Yet another Quadruple DNS?
Previous by thread: Yet another Quadruple DNS?
Next by thread: Yet another Quadruple DNS?
Index(es):
- Date
- Thread