Re: [dns-privacy] Google Public DNS redirected through BGP

Stephane Bortzmeyer <bortzmeyer@nic.fr> Sat, 29 March 2014 21:23 UTC

Date: Sat, 29 Mar 2014 22:18:31 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: dns-privacy@ietf.org
Message-ID: <20140329211831.GA23217@sources.org>
References: <20140317115453.GA5548@sources.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/tK4yvWeuqy-ppFwmRMuuqxqv7Tc

On Mon, Mar 17, 2014 at 12:54:53PM +0100,
 Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote 
 a message of 11 lines which said:

> https://twitter.com/bgpmon/status/445266642616868864
> 
> What's the link with DNS privacy? It's an example of a possible
> threat when you use a public DNS resolver without authentication. I do
> not know the motivations of the attacker (it may have been a simple
> fat-fingering) but such a BGP hijacking could be used to spy on Google
> Public DNS traffic.

And here, public resolvers Google Public DNS and OpenDNS redirected in
Turkey, apparently through the IGP. Privacy implications are obvious:

http://www.bortzmeyer.org/dns-routing-hijack-turkey.html