IETF Logo Mail Archive

RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!

rfc-editor@rfc-editor.org Thu, 14 July 2011 00:59 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31C151F0C5E; Wed, 13 Jul 2011 17:59:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.211
X-Spam-Level:
X-Spam-Status: No, score=-104.211 tagged_above=-999 required=5 tests=[AWL=1.465, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, HOST_MISMATCH_COM=0.311, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DV+OPqYbWeP8; Wed, 13 Jul 2011 17:59:14 -0700 (PDT)
Received: from rfc-editor.org (rfcpa.amsl.com [64.170.98.47]) by ietfa.amsl.com (Postfix) with ESMTP id 88AE821F8895; Wed, 13 Jul 2011 17:59:13 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 72E7198C553; Wed, 13 Jul 2011 17:59:08 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!
From: rfc-editor@rfc-editor.org
Message-Id: <20110714005908.72E7198C553@rfc-editor.org>
Date: Wed, 13 Jul 2011 17:59:08 -0700
Cc: dnsop@ietf.org, rfc-editor@rfc-editor.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jul 2011 00:59:18 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 6305

        Title:      I'm Being Attacked by PRISONER.IANA.ORG! 
        Author:     J. Abley, W. Maton
        Status:     Informational
        Stream:     IETF
        Date:       July 2011
        Mailbox:    joe.abley@icann.org, 
                    wmaton@ryouko.imsb.nrc.ca
        Pages:      8
        Characters: 15287
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-dnsop-as112-under-attack-help-help-06.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6305.txt

Many sites connected to the Internet make use of IPv4 addresses that
are not globally unique.  Examples are the addresses designated in
RFC 1918 for private use within individual sites.

Hosts should never normally send DNS reverse-mapping queries for
those addresses on the public Internet.  However, such queries are
frequently observed.  Authoritative servers are deployed to provide
authoritative answers to such queries as part of a loosely
coordinated effort known as the AS112 project.

Since queries sent to AS112 servers are usually not intentional, the
replies received back from those servers are typically unexpected.
Unexpected inbound traffic can trigger alarms on intrusion detection
systems and firewalls, and operators of such systems often mistakenly
believe that they are being attacked.

This document provides background information and technical advice to
those firewall operators.  This document is not an Internet Standards Track 
specification; it is published for informational purposes.

This document is a product of the Domain Name System Operations Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.23.0 | Report a Bug | By Email