Hi, Grace Ingabire writes: > > Does anyone know what is going on here? As I can't understand why we do > receive a lot of these messages in our logs. > > Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query > (cache) 'www.minghui.org.s210.ip4.verteiltesysteme.net/A/IN' denied > > [...]
I'm the zone owner of verteiltesysteme.net. What you're seeing there are queries by open resolvers (more accurately: forwarders of open resolvers). This is part of a research project to measure the effect of the DNS injection censorship method. www.minghui.org is a name being blocked by by the Great Firewall of China via DNS injection. By querying for www.minghui.org.SUFFIX we can test whether the open resolver has a clean, uncensored path to your TLD nameservers. I'll add the addresses of .rw to our blacklist, so you won't be seeing any more of these queries. Sorry for inconvenience. Let me know if you have further questions. Regards, Matthäus Wander -- Universität Duisburg-Essen Verteilte Systeme Bismarckstr. 90 / BC 316 47057 Duisburg
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
