On Apr 16, 2013, at 8:21 AM, Jared Mauch <[email protected]> wrote:
> Greetings, > > I took the latest 'Open Resolver' list and queried the hosts another time > with a version.bind query. > > You can view the results here: > > http://openresolverproject.org/version.bind.report.txt Ok, I didn't expect everyone to post this to twitter/facebook so fast :) FYI: The data in the OpenResolverProject is available for derivative works. I don't want to directly share where to find the lists of data, but some notes about it. 1) We run a weekly query for a unique name per IP 2) We match the response w/ query and note mismatches 3) I have per-ASN (ask your network people what it is) reports available if you email me from a corporate email address for your domain. Same if you are a national CERT. 4) The queries take ~6.5 hours to run ; Don't try to bulk scrape the data, it's easier to just ask/trick me or run your own scan. 5) I log the full response packet for the weekly scan. There are interesting sets of data encoded in there. 6) Many IPs repeat SERVFAIL for days/weeks after the query 7) Many hosts respond from a port other than 53 (!) meaning while they are a resolver, they are 'broken'. Some basic weekly summary data is available here: http://www.openresolverproject.org/breakdown.html If there's something specific you want parsed out of the responses, let me know and I can automate it. - Jared _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
