First, the location of CDN nodes is not relevant to passive DNS monitoring. If Andrew would like a list of domains with CDN hostnames in them, that might be findable.
Second, a list of CDN nodes is likely impossible to gather & maintain without the help of the CDNs themselves. There are literally thousands of them, most do not serve the entire Internet, and they change frequently. And before you ask, I know at least Akamai will _not_ give you their list, so don't even try to ask them. Sorry this makes your life more difficult. Perhaps if you explained why you were doing address lookups, the collective body could help you come up with a better solution? -- TTFN, patrick On Nov 15, 2013, at 10:06 , Michael Collins, Aleae <mcoll...@aleae.com> wrote: > I'll second that; CDNs are a constant pain for me when I'm doing address > lookups. A list of them would make life a lot easier for a bunch of > different investigative processes. > > If there isn't one right now, I think I could get off my tuchas and > start maintaining one if anyone's interested in pitching in. > > > On 11/14/13 5:19 PM, Andrew Fried wrote: >> Actually, a list of CDNs would be very handy. I harvest botnets and >> fast flux hosts out of passive dns, and some of the heuristics used to >> identify them are similar to what CDNs look like. >> >> Having a decent list of CDN effective top level domains alone would be >> useful for redacting those hosts. >> >> Andy >> >> >> Andrew Fried >> andrew.fr...@gmail.com >> >> On 11/14/13, 5:11 PM, Patrick W. Gilmore wrote: >>> List of CDNs would be difficult, but not impossible. Although they do >>> different things, so a simple list is unlikely to be as useful as it looks. >>> >>> A lost of CDN "DC nodes" is not possible. Why do you care about such a >>> thing anyway? >>> > >
signature.asc
Description: Message signed with OpenPGP using GPGMail
