dns nameserver database now at oarc
play

DNS Nameserver Database Now at OARC Duane Wessels The Measurement - PowerPoint PPT Presentation

Oct 17, 2023 •238 likes •394 views

DNS Nameserver Database Now at OARC Duane Wessels The Measurement Factory/CAIDA WIDE+CAIDA Workshop #9 January 19, 2008 WIDE+CAIDA 0 The Measurement Factory Motivation Measurement Factory and CAIDA were doing periodic sur- veys of

  1. DNS Nameserver Database Now at OARC Duane Wessels The Measurement Factory/CAIDA WIDE+CAIDA Workshop #9 January 19, 2008 WIDE+CAIDA 0 The Measurement Factory

  2. Motivation • Measurement Factory and CAIDA were doing periodic sur- veys of nameservers, collecting information such as: – fpdns fingerprint – VERSION.BIND – HOSTNAME.BIND – PTR record – TCP support • Also had separate survey/database of open resolvers. • Wanted to turn periodic surveys into continuously updating database. • Has been running for a year or so now. • Recently transitioned to OARC. WIDE+CAIDA 1 The Measurement Factory

  3. Database Tables • nameservers: Nameserver IP addresses • names: DNS Names • glue: “Glue” records • fpdns: fingerprint • hbind: hostname.bind records • vbind: version.bind records • asn: AS number • ptr: PTR record • openres: openresolver test result WIDE+CAIDA 2 The Measurement Factory

  4. Flow sniffer sniffer sniffer sniffer nameservers ptr asn fpdns hbind vbind openres WIDE+CAIDA 3 The Measurement Factory

  5. Flow • passive sniffers send nameserver IP addresses and DNS names to the database. • nameservers are checked for aliveness by querying for one of (a.root-servers.net, www.google.com, localhost). • Unresponsive nameservers are not probed any further. WIDE+CAIDA 4 The Measurement Factory

  6. Freshners • Most of the tables have “freshner” scripts that run continu- ously and keep the tables up-to-date. • For example, the fpdns freshner re-fingerprints a nameserver every 7 days. WIDE+CAIDA 5 The Measurement Factory

  7. Sample Database Queries I • Find some ISC-hosted nameservers: SELECT ptr.addr,ptr.ptrname FROM ptr,asn WHERE asn.asn=1280 AND ptr.addr=asn.addr ; addr | ptrname -----------------+--------------------------------- 204.152.191.230 | <no answers> 204.152.188.30 | lah1z.vix.com 204.152.186.173 | packman-ha.isc.org 204.152.186.179 | art.net 204.152.186.144 | white.flame.org 204.152.185.196 | <no answers> 204.152.184.202 | ns-us1.nic.at 204.152.184.203 | obsd.isc.org 204.152.186.45 | klapaucius.zer0.org 204.152.186.50 | boole.openldap.org 204.152.186.51 | galois.openldap.org 204.152.186.52 | cantor.openldap.org 204.152.186.58 | proxy8.monitor.dal.net WIDE+CAIDA 6 The Measurement Factory

  8. Sample Database Queries II • Who runs Nominet software? SELECT vbind.addr,ptr.ptrname,vbind_seq.str FROM vbind,vbind_seq,ptr WHERE vbind_seq.str like ’Nominum%’ AND vbind_seq.id=vbind.vbind_id AND vbind.addr=ptr.addr ; addr | ptrname | str -----------------+----------------------------------+------------------------- 192.220.125.193 | ns2.onlyhosting.net | Nominum ANS 2.5.0.0 192.220.125.164 | ns2.hileytech.net | Nominum ANS 2.5.0.0 212.74.78.48 | ns2.colt-telecom.nl | Nominum ANS 2.8.0.0 202.166.27.108 | ad202.166.27.108.magix.com.sg | Nominum ANS 2.8.1.2 192.220.125.129 | ns2.wanderers.com | Nominum ANS 2.5.0.0 192.220.125.64 | ns2.axinet.com | Nominum ANS 2.5.0.0 212.74.78.17 | ns0.be.colt.net | Nominum ANS 2.8.0.0 192.220.125.87 | ns2.warbler.com | Nominum ANS 2.5.0.0 192.220.125.19 | nsb.ntx.net | Nominum ANS 2.5.0.0 192.220.124.141 | dns1.webhost.be | Nominum ANS 2.5.0.0 WIDE+CAIDA 7 The Measurement Factory

  9. Sample Database Queries III • Which nameservers have IPv6 addresses? SELECT name,v6 FROM glue WHERE v6!= ’{}’ ; name | v6 -------------------------+----------------------------------- jupiter.luon.net | {2001:888:1d84::} ns1.uninet.net.id | {2001:dc6:ff8e::1} ns1.es.net | {2001:400:14:2::10} bofh.it | {2001:1418:13::42} dns2.nhinetworks.com | {::ffff:204.251.15.190} ns01.lindos.ch | {2001:1b50::82:195:225:110} dns1.consulintel.com | {2a01:48:20:0:200:1cff:feb5:c535} mx-in.itb.ac.id | {2001:d30:3:0:202:44ff:fe35:228c} dns.koli.uni-miskolc.hu | {2001:738:6001:3f00::1} skm.shonan.bunkyo.ac.jp | {2001:200:166:2001::2} WIDE+CAIDA 8 The Measurement Factory

  10. Fingerprints For Everyone • fpdns fingerprints are served as a “DNSBL”: $ dig +short 241.5.5.192.fpdns.measurement-factory.com txt "ISC BIND 9.2.3rc1 -- 9.4.0a0" • Could also serve additional data this way. WIDE+CAIDA 9 The Measurement Factory

  11. Is My Resolver Open? • dig it: $ dig +short amiopen.openresolvers.org txt "Your resolver at 66.75.164.90 is CLOSED" WIDE+CAIDA 10 The Measurement Factory

  12. dnsinfo.pl WIDE+CAIDA 11 The Measurement Factory

  13. Future Work • Document database and how OARC members and public can utilize it. • Use ISC’s SIE to feed database with addresses, zones, and names. – To the extent that this little database can take the increased load • Add tables and code to track relationships between name- servers and zones they serve. • Keep track of whether a nameserver is used to serve au- thoritative data, as a caching resolver (sorry, iterative mode resolver), or both. WIDE+CAIDA 12 The Measurement Factory

  14. The End

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DNS-OARC Wayne MacLaurin Executive Director DNS-OARC Members EP.NET DNS-OARC's Mandate

DNS-OARC Wayne MacLaurin Executive Director DNS-OARC Members EP.NET DNS-OARC's Mandate

DNS-OARC Wayne MacLaurin Executive Director DNS-OARC Members EP.NET DNS-OARC's Mandate Operations Analysis Research Operations (Data Collection) 6+ years of continuous DSC summary statistics gathering from root and major TLD

298 views • 11 slides
Tools Suite Keith Mitchell, Jerry Lundstr m https://www.dns-oarc.net/ OARC's Mission The

Tools Suite Keith Mitchell, Jerry Lundstr m https://www.dns-oarc.net/ OARC's Mission The

UKNOF37 Manchester April 2017 OARC's DNS Software Tools Suite Keith Mitchell, Jerry Lundstr m https://www.dns-oarc.net/ OARC's Mission The Domain Name System Operations Analysis and Research Center (DNS-OARC) is a non-profit, membership

586 views • 27 slides
DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop

DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop

DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop December 2019 OARC's Mission Statement The Domain Name System Operations Analysis and Research Center (DNS-OARC) is a non-profit, membership

163 views • 12 slides
draft-dickinson-dnsop- nameserver-control-01 Stephen Morris stephen@isc.org 1 NSCP Function

draft-dickinson-dnsop- nameserver-control-01 Stephen Morris stephen@isc.org 1 NSCP Function

draft-dickinson-dnsop- nameserver-control-01 Stephen Morris stephen@isc.org 1 NSCP Function Breakdown Commands - start, stop, halt etc. Zone manipulation add/remove zone, ACL creation, etc. Parameters - control nameserver

326 views • 9 slides
DNS Session 3: Configuration of Recap Authoritative Nameservice DNS is a distributed database

DNS Session 3: Configuration of Recap Authoritative Nameservice DNS is a distributed database

DNS Session 3: Configuration of Recap Authoritative Nameservice DNS is a distributed database Resolver asks Cache for information Cache traverses the DNS delegation tree to find Authoritative nameserver which has the Ayitey Bulley

415 views • 7 slides
The Importance of Being an Earnest stub Challenges and solution for the versatile stub Willem

The Importance of Being an Earnest stub Challenges and solution for the versatile stub Willem

The Importance of Being an Earnest stub Challenges and solution for the versatile stub Willem Toorop 13 May 2017 OARC 26 (Madrid) From the ground-up security Authoritative . Authoritative net dns-oarc.net A dns-oarc.net A Recursive

597 views • 45 slides
A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority

A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority

A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority (CIRA) Jacques Latour ICANN 45 Tech Day / DNS-OARC 15 Oct 2012 Topics for presentation Major Technical Projects: New network architecture

446 views • 16 slides
Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September 16, 2008 ams-cctld-advanced 0 DNS-OARC What is DSC? A system for collecting, transferring, viewing, and storing a variety of measurements

583 views • 33 slides
Measuring DNS Source Port Randomness Duane Wessels DNS-OARC 1st CAIDA/WIDE/CASFI Workshop

Measuring DNS Source Port Randomness Duane Wessels DNS-OARC 1st CAIDA/WIDE/CASFI Workshop

Measuring DNS Source Port Randomness Duane Wessels DNS-OARC 1st CAIDA/WIDE/CASFI Workshop August 15, 2008 CAIDA+WIDE+CASFI #1 0 DNS-OARC Kaminsky DNS sucks. Okay, Im paraphrashing... Use random source ports to protect from

394 views • 21 slides
Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on

Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on

Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on the Menu Bar DC/Win Database Utilities Options Vary Depending on Database Two Types of Databases Sequel (SQL) Database Access Database

460 views • 6 slides
conficker.[ccTLD] Eric Ziegast / ISC DNS-OARC/ICANN March 14th, 2011 We want the Internet to

conficker.[ccTLD] Eric Ziegast / ISC DNS-OARC/ICANN March 14th, 2011 We want the Internet to

conficker.[ccTLD] Eric Ziegast / ISC DNS-OARC/ICANN March 14th, 2011 We want the Internet to work better. RPZ SIE RPKI Changing how New method for S the security e c u r i n DNS-based policy f g r communities o B m G P r

261 views • 14 slides
RIR delegation reports and address-by-economy measurements DNS-OARC Workshop 25 July 2005

RIR delegation reports and address-by-economy measurements DNS-OARC Workshop 25 July 2005

RIR delegation reports and address-by-economy measurements DNS-OARC Workshop 25 July 2005 George Michaelson APNIC ggm@apnic.net Summary All RIR produce daily reports on resource allocations and assignments Consistent format, single

758 views • 22 slides
Expecting Larger Records When TLSA Is Deployed Paul Hoffman, VPN Consortium OARC 2011 Spring

Expecting Larger Records When TLSA Is Deployed Paul Hoffman, VPN Consortium OARC 2011 Spring

Expecting Larger Records When TLSA Is Deployed Paul Hoffman, VPN Consortium OARC 2011 Spring Workshop V.01 1 Overview What is DANE/TLSA What a TLSA request and resource record will probably look like Expectations for timing and

139 views • 9 slides
Advanced Database CS 525: Organization? Advanced Database =Database Implementation

Advanced Database CS 525: Organization? Advanced Database =Database Implementation

Advanced Database CS 525: Organization? Advanced Database =Database Implementation Organization =How to implement a database system and have fun doing it ;-) 01: Introduction Boris Glavic Slides: adapted from a course taught by

198 views • 7 slides
DATABASE SYSTEMS Database programming in a web environment Database System Course AGENDA FOR

DATABASE SYSTEMS Database programming in a web environment Database System Course AGENDA FOR

DATABASE SYSTEMS Database programming in a web environment Database System Course AGENDA FOR TODAY The final project Advanced Mysql Database programming Recap: DB servers in the web Web programming architecture HTTP on a need-to-know basis.

688 views • 54 slides
DNS(SEC) client analysis assisted by Bart Gijsen (TNO) DNS-OARC, San Francisco, March 2011

DNS(SEC) client analysis assisted by Bart Gijsen (TNO) DNS-OARC, San Francisco, March 2011

powered by DNS(SEC) client analysis assisted by Bart Gijsen (TNO) DNS-OARC, San Francisco, March 2011 Overview DNS traffic analysis CLIENT [8], [9] Resolver [7] (DNS proxy) Authoritative Authoritative Applic. Root DNS ) Root

568 views • 20 slides
How did we end up here? Todd Montgomery - @toddlmontgomery Martin Thompson - @mjpt777 How bad

How did we end up here? Todd Montgomery - @toddlmontgomery Martin Thompson - @mjpt777 How bad

How did we end up here? Todd Montgomery - @toddlmontgomery Martin Thompson - @mjpt777 How bad can things really be? Software Project Success Rates Successful Challenged Failure Ad-hoc 49% 37% 14% Iterative 61% 28% 11% Agile 60% 28%

1.84k views • 116 slides
Evergreen Software Development RECENT TECH TRENDS AND THEIR IMPLICATIONS Whos This Bloke,

Evergreen Software Development RECENT TECH TRENDS AND THEIR IMPLICATIONS Whos This Bloke,

Evergreen Software Development RECENT TECH TRENDS AND THEIR IMPLICATIONS Whos This Bloke, Then? Nathaniel Eliot, CEO of The Greenfield Guild Two decade veteran of the software industry A guy who collects and invents metaphors

329 views • 16 slides
Dealing with Public Ethernet Jacks: Switches, Gateways, and Authentication Bob Beck

Dealing with Public Ethernet Jacks: Switches, Gateways, and Authentication Bob Beck

Dealing with Public Ethernet Jacks: Switches, Gateways, and Authentication Bob Beck beck@bofh.ucs.ualberta.ca University of Alberta Bob Beck Dealing with Public Ethernet Jacks: Switches, Gateways, and Authentication Nov 5, 1999 Page 1 The

543 views • 15 slides
Collaborators: O. Hen, E. Piasetzki and R. Torres Zero-range condition: 0 ,

Collaborators: O. Hen, E. Piasetzki and R. Torres Zero-range condition: 0 ,

Ronen Weiss and Nir Barnea Collaborators: O. Hen, E. Piasetzki and R. Torres Zero-range condition: 0 , Many quantities are connected to the conta tact ct : = /^4 for 2 3

558 views • 30 slides
NuFW The identity-based firewall or Why using Netfilter is cool ! Eric Leblond, eric@inl.fr

NuFW The identity-based firewall or Why using Netfilter is cool ! Eric Leblond, eric@inl.fr

NuFW The identity-based firewall or Why using Netfilter is cool ! Eric Leblond, eric@inl.fr Plan Introduction NuFW's genesis Presentation of the algorithm NuFW and nfnetlink What's next Conclusion In the beginning was

596 views • 25 slides
Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto,

Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto,

Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto, 2005-11-07 Ingrid Melve, FEIDE manager From campus identity management to a federated solution Case: FEIDE Campus Identity Management 2

655 views • 30 slides
IP Reachability Differences: Myths and Reali&lt;es Dr. Dan Massey

IP Reachability Differences: Myths and Reali&lt;es Dr. Dan Massey

IP Reachability Differences: Myths and Reali&lt;es Dr. Dan Massey Colorado State University He Yan, Ben Say, Dave Oko, Brendan Sheridan Colorado State University Dr. Christos Papadopoulos Dr. Dan Pei

321 views • 19 slides
On the Usability of Firewall Configuration Tina Wong July 27 2006 CyLab IACBP 1 Firewalls

On the Usability of Firewall Configuration Tina Wong July 27 2006 CyLab IACBP 1 Firewalls

Carnegie Mellon CyLab 4720 FORBES AVENUE CIC BUILDING PITTSBURGH, PA 15213 PH: 412.268.1870 FX: 412.268.7675 www.cylab.cmu.edu On the Usability of Firewall Configuration Tina Wong July 27 2006 CyLab IACBP 1 Firewalls Firewalls are

890 views • 20 slides

More recommend