What are you doing to my nameservers?
You may have been directed to this page because you are investigating
unexpected traffic to TCP port 53 on your nameservers, or unexpected
AXFRs of your zones in nameserver logs. This is part of an attempt to
collect data on the current DNS, to be used for analysis and as a basis
for simulation and testing of proposed new DNS architectures. It is a
similar project to those carried out at
RIPE
and ISC (although it has no
connection with those organisations). We'd like to reassure you that
this is not in any way malicious traffic:
- It is not a host scan. We are only connecting to machines because they
have been advertised as DNS servers.
- It is not a denial-of-service attack. We aim to connect to each server
at most once for each domain it is advertised for.
- It is not an indication of a planned attack. We will do nothing
with this data except for bulk analysis, and simulation experiments.
It will not be used to direct further (non-DNS) traffic to your network.
- It is not an unauthorised use of computer facilities. Your servers
are providing copies of this data to the public, and are advertised as
providing this service.
We mean you no harm, and hope that we have not caused any inconvenience.
If you believe that these requests are causing a serious problem,
please contact us with details, and we will investigate immediately.
This research is being carried out as part of the
Adam
project, by
Jon Crowcroft,
Tim Deegan and
Andy Warfield.
|