On May 23, 2013, at 10:09 AM, Phil Regnauld <[email protected]> wrote:
> Jared Mauch (jared) writes: >> >> Looking at a.2.C, it could apply to anything a DNS server replies with. >> Then again, it's a server so meant to be a public item, so I wouldn't be >> concerned. > > That's a tricky assumption - it really depends what you > were querying *for* on the server: a query like server.bind, > while being a well established way of querying for the software > and version of a DNS server, does not mean you are allowed to > probe for that specific information in the eyes of the owner. > > IANAL, and I do agree with you about not being concerned, but I'm > always cautious when giving advice to other people :) Apparently some folks will attempt to say that having Wget as your user-agent is evidence you are a "hacker" and criminal fetching data on a server exposed to the internet. http://arstechnica.com/security/2013/05/reporters-use-google-find-breach-get-branded-as-hackers/ BTW: Can someone find the Qwest email addresses on this list and remove them? I keep getting the wonderful Centurylink autoresponder saying their address isn't valid anymore sending mail to me and not honoring the Errors-to: etc - Jared _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
