Re: [dns-operations] Querying version.bind illegal?

Thu, 23 May 2013 06:59:23 -0700 

Vitalie Cherpec (vitalie) writes:
> Hi,
> 
> I've developed a DNS checking tool (http://www.dnsinspect.com/).
> After 5 years of running it without any issues, I've received today a
> compliant through my ISP from a big company in a foreign country.
> 
> They pretend that my VPS is attacking their infrastructure while
> querying their DNS server's version and this request can be regarded
> as cyber-terror attack (my tool tries only to warn users exposing the
> DNS software version).
> 
> I've blacklisted their DNS servers from being queried in the future,
> but I would like to know if querying version.bind is illegal (in
> some countries)?

        Hi Vitalie,

        That will all depend on the legislation in each country. I'm sure
        folks here have different stories to tell about what is and isn't
        legal at home.

        If this were a repeated and automated querying (say, using some 
company's
        web server as a target in Nagios to verify connectivity outside your
        network, or even doing regular polling for statistics purposes), you 
could
        argue that it's not very polite if you're not a customer of said ISP and
        you didn't ask for permission beforehand [1]

        In your case, it looks like your service will only query the servers of
        the ISP mentioned in relation to the zones being submitted via the web
        interface - correct ?

        In this case, they're probably just complaining because $BIGCOMPANY
        complained to their ISP, or ISP has some agreement with $BIGCOMPANY
        to show their teeth and gets paid for it. I wouldn't worry too much,
        but either way, you probably did the right thing in adding them to the
        exception list.

        [1] Of course, in the case of an automated measurement project, you 
can't
        realistically go and ask permission from everyone beforehand, but you
        may still want to have an informational page explaining what the service
        does and why the queries are benign.

        Cheers,
        Phil
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

Reply via email to