RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!
rfc-editor@rfc-editor.org Thu, 14 July 2011 00:59 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31C151F0C5E; Wed, 13 Jul 2011 17:59:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.211
X-Spam-Level:
X-Spam-Status: No, score=-104.211 tagged_above=-999 required=5 tests=[AWL=1.465, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, HOST_MISMATCH_COM=0.311, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DV+OPqYbWeP8; Wed, 13 Jul 2011 17:59:14 -0700 (PDT)
Received: from rfc-editor.org (rfcpa.amsl.com [64.170.98.47]) by ietfa.amsl.com (Postfix) with ESMTP id 88AE821F8895; Wed, 13 Jul 2011 17:59:13 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 72E7198C553; Wed, 13 Jul 2011 17:59:08 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!
From: rfc-editor@rfc-editor.org
Message-Id: <20110714005908.72E7198C553@rfc-editor.org>
Date: Wed, 13 Jul 2011 17:59:08 -0700
Cc: dnsop@ietf.org, rfc-editor@rfc-editor.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jul 2011 00:59:18 -0000
A new Request for Comments is now available in online RFC libraries. RFC 6305 Title: I'm Being Attacked by PRISONER.IANA.ORG! Author: J. Abley, W. Maton Status: Informational Stream: IETF Date: July 2011 Mailbox: joe.abley@icann.org, wmaton@ryouko.imsb.nrc.ca Pages: 8 Characters: 15287 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-dnsop-as112-under-attack-help-help-06.txt URL: http://www.rfc-editor.org/rfc/rfc6305.txt Many sites connected to the Internet make use of IPv4 addresses that are not globally unique. Examples are the addresses designated in RFC 1918 for private use within individual sites. Hosts should never normally send DNS reverse-mapping queries for those addresses on the public Internet. However, such queries are frequently observed. Authoritative servers are deployed to provide authoritative answers to such queries as part of a loosely coordinated effort known as the AS112 project. Since queries sent to AS112 servers are usually not intentional, the replies received back from those servers are typically unexpected. Unexpected inbound traffic can trigger alarms on intrusion detection systems and firewalls, and operators of such systems often mistakenly believe that they are being attacked. This document provides background information and technical advice to those firewall operators. This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Domain Name System Operations Working Group of the IETF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see http://www.ietf.org/mailman/listinfo/ietf-announce http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html. For downloading RFCs, see http://www.rfc-editor.org/rfc.html. Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC