Re: [DNSOP] DNS-Server distribution statistics
william manning <chinese.apricot@gmail.com> Mon, 13 February 2017 00:25 UTC
Return-Path: <chinese.apricot@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B8331294B8 for <dnsop@ietfa.amsl.com>; Sun, 12 Feb 2017 16:25:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LxrDmsBx7nf0 for <dnsop@ietfa.amsl.com>; Sun, 12 Feb 2017 16:25:30 -0800 (PST)
Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7703129417 for <dnsop@ietf.org>; Sun, 12 Feb 2017 16:25:29 -0800 (PST)
Received: by mail-it0-x234.google.com with SMTP id c7so62141880itd.1 for <dnsop@ietf.org>; Sun, 12 Feb 2017 16:25:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=s2NFUR533zvY1yDb2unu6JH8WjlVEK06uJdGz3mtN80=; b=UpsmQEA9Bd74NwXb3SO0q+Im/dQE+wS0p5Xsh2qTtKWdCmUIsF/UWEsBTMHc36AlFj 2ypvuqo6usoroyItRT3gr2NQpgJXemtyuRUtUeyZlw9i0oxU1wMsYZkCltKeizrnqzBu QOMnH8CD0VMxsJRFEg3NjPp1CksKaDPtbA3AP4CyMQSqnEo08yvsD0BC+vH6Lw8ATE/+ Uyf3Dd4Ci6lRuNfrZ0Y0Coa8ilmiy0hVrduBQPrhv/homhixmoQmO4hIicKe5RjLlcfM 5/VuGhvaGaK70ttfNW2lqKowpySk0nLix9NSbhclozXfWvwsQ71gMMHSSw0UvVajG4hg Ydhg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=s2NFUR533zvY1yDb2unu6JH8WjlVEK06uJdGz3mtN80=; b=KtSu90s1c/OxDoqKMmVDkgDEMD2DIEkxm+XuZpnL3zE2CpBRUbu1ucGzJsbIwA0HkC NgVyzZnmlCeCH+QSKwxrrB5Cd3A9vU7P0YTITV8od0KnzJ6bqb1TpV10OXnktAYxiN7h ZvGyXc2ru+tcoWlkXHdWZqjN/3a+2vpX5UE5sh9U5Il3+radZNsFTSmtklXTFP1ec1d+ R9pg4oH7bKcywBP4n1gunEr3tzZbcKHCsFFTxQq5TD11p6v76gJamkEQo+ogDPafGRwi hEE2EUtuVY2ZuTBFl6jQoDo4zL3wtM5q2drkkJ4mBbpkHFCdWvJ1rOdrBp8susZeoCn8 v6CQ==
X-Gm-Message-State: AMke39lvhHJ8UcXYMGrd2zaK90g7pgAT2CrJqdoNWs1a57FIx1lN6WSmp9EFeVgHJyheO9Throxtkz0grwiz7Q==
X-Received: by 10.107.147.6 with SMTP id v6mr21141864iod.235.1486945529218; Sun, 12 Feb 2017 16:25:29 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.159.209 with HTTP; Sun, 12 Feb 2017 16:25:28 -0800 (PST)
In-Reply-To: <CAHw9_iLSN6_G8TcjpKvOTDNx14L+skZyKDpzm2Bo7nUp9_w7rQ@mail.gmail.com>
References: <20170211224923.78115C0660@smtp.hushmail.com> <667F88F0-FD47-41C6-8A66-581070395FC0@vpnc.org> <A05B583C828C614EBAD1DA920D92866BD06D902B@PODCWMBXEX501.ctl.intranet> <CAKr6gn0wdesHON0-Spy7uEuCtRZ97Znk88LRf6==w=1eZzv-Mw@mail.gmail.com> <CAHw9_iLSN6_G8TcjpKvOTDNx14L+skZyKDpzm2Bo7nUp9_w7rQ@mail.gmail.com>
From: william manning <chinese.apricot@gmail.com>
Date: Sun, 12 Feb 2017 16:25:28 -0800
Message-ID: <CACfw2hgDV+LEa08qUwpFv8-cYkJ9qovF3OTT9hSMsm2pCd7oiQ@mail.gmail.com>
To: Warren Kumari <warren@kumari.net>
Content-Type: multipart/alternative; boundary="94eb2c05be5611d1f305485e7c73"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Zz_u1SCUngOwLKoAMg2k7ho6VXc>
Cc: dnsop <dnsop@ietf.org>, George Michaelson <ggm@algebras.org>
Subject: Re: [DNSOP] DNS-Server distribution statistics
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2017 00:25:32 -0000
which is why, Warren, that modern fingerprinting does not rely on what the server lies about. /W On Sun, Feb 12, 2017 at 2:56 PM, Warren Kumari <warren@kumari.net> wrote: > On Sun, Feb 12, 2017 at 5:44 PM, George Michaelson <ggm@algebras.org> > wrote: > > I have never entirely got with the people who think obscuring version > > information is necessary and correct. Designing for the bad actors > > presupposes they will somehow magically not attack you, simply because > > you obscured the version info. > > > > Root ops (I may misremember) stand out in my mind as a group who have > > from time to time said "we don't feel we need, or should tell you > > that" > > > > So on the whole, I think we should explore this "what version are you" > > question more, and possibly do better at flagging it. > > > > Having said which: people lie all the time. Either by intent, or > > because they reply with information which was correct when they set > > it, but has aged out. > > https://puck.nether.net/~jared/version.bind.results.20160402.txt > > What?!!!! You don't believe that there is at least one person running > version 3.14159? How 'bout "19,800yen"? > Surely you don't doubt that "An Italian is COMBING his hair in > suburban DES MOINES!" > > Still, nice to know that someone is keeping the love with a "C=64 with > Final Cartridge II and 1541 discdrive" > > W > > > > So even with the best of intentions, > > version-flagging needs to be taken with a grain of salt. > > > > -G > > > > On Sun, Feb 12, 2017 at 9:55 PM, Woodworth, John R > > <John.Woodworth@centurylink.com> wrote: > >> -----Original Message----- > >> From: DNSOP [mailto:dnsop-bounces@ietf.org] On Behalf Of Paul Hoffman > >>> > >>> On 11 Feb 2017, at 17:49, Allan Liska wrote: > >>> > >>> > ISC runs a monthly survey of DNS statistics: > >>> > https://ftp.isc.org/www/survey/reports/current/fpdns.txt (this is > from > >>> > January 2017). > >>> > Information about the survey is here: > >>> > https://ftp.isc.org/www/survey/reports/current/survey.html > >>> > Not sure how useful their data is, but they have been doing it for a > >>> > long time, so they have great trending analysis. > >>> > >>> Do note, however, that fingerprinting DNS servers has gotten much > harder > >>> over time, so take the results with a very large grain of salt. For > >>> example, the software that runs that survey seems to think that there > >>> are no versions of BIND 9 since 9.4.0a0. > >>> > >> > >> Thanks Paul! > >> > >> I was wondering about that. Figured there would be more people at least > >> near the bleeding-edge. > >> > >> > >> Thanks, > >> John > >> > >>> --Paul Hoffman > >>> > >>> _______________________________________________ > >>> DNSOP mailing list > >>> DNSOP@ietf.org > >>> https://www.ietf.org/mailman/listinfo/dnsop > >> > >> > >> -- THESE ARE THE DROIDS TO WHOM I REFER: > >> This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly prohibited and may be unlawful. If you have > received this communication in error, please immediately notify the sender > by reply e-mail and destroy all copies of the communication and any > attachments. > >> > >> _______________________________________________ > >> DNSOP mailing list > >> DNSOP@ietf.org > >> https://www.ietf.org/mailman/listinfo/dnsop > > > > _______________________________________________ > > DNSOP mailing list > > DNSOP@ietf.org > > https://www.ietf.org/mailman/listinfo/dnsop > > > > -- > I don't think the execution is relevant when it was obviously a bad > idea in the first place. > This is like putting rabid weasels in your pants, and later expressing > regret at having chosen those particular rabid weasels and that pair > of pants. > ---maf > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
- [DNSOP] DNS-Server distribution statistics Woodworth, John R
- Re: [DNSOP] DNS-Server distribution statistics Allan Liska
- Re: [DNSOP] DNS-Server distribution statistics Woodworth, John R
- Re: [DNSOP] DNS-Server distribution statistics Paul Hoffman
- Re: [DNSOP] DNS-Server distribution statistics Woodworth, John R
- Re: [DNSOP] DNS-Server distribution statistics George Michaelson
- Re: [DNSOP] DNS-Server distribution statistics Warren Kumari
- Re: [DNSOP] DNS-Server distribution statistics william manning