IETF Logo Mail Archive

[rfc-dist] RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!

rfc-editor at rfc-editor.org (rfc-editor at rfc-editor.org) Thu, 14 July 2011 00:59 UTC

From: "rfc-editor at rfc-editor.org"
Date: Wed, 13 Jul 2011 17:59:08 -0700
Subject: [rfc-dist] RFC 6305 on I'm Being Attacked by PRISONER.IANA.ORG!
Message-ID: <20110714005908.72E7198C553@rfc-editor.org>

A new Request for Comments is now available in online RFC libraries.

        
        RFC 6305

        Title:      I'm Being Attacked by PRISONER.IANA.ORG! 
        Author:     J. Abley, W. Maton
        Status:     Informational
        Stream:     IETF
        Date:       July 2011
        Mailbox:    joe.abley at icann.org, 
                    wmaton at ryouko.imsb.nrc.ca
        Pages:      8
        Characters: 15287
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-dnsop-as112-under-attack-help-help-06.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6305.txt

Many sites connected to the Internet make use of IPv4 addresses that
are not globally unique.  Examples are the addresses designated in
RFC 1918 for private use within individual sites.

Hosts should never normally send DNS reverse-mapping queries for
those addresses on the public Internet.  However, such queries are
frequently observed.  Authoritative servers are deployed to provide
authoritative answers to such queries as part of a loosely
coordinated effort known as the AS112 project.

Since queries sent to AS112 servers are usually not intentional, the
replies received back from those servers are typically unexpected.
Unexpected inbound traffic can trigger alarms on intrusion detection
systems and firewalls, and operators of such systems often mistakenly
believe that they are being attacked.

This document provides background information and technical advice to
those firewall operators.  This document is not an Internet Standards Track 
specification; it is published for informational purposes.

This document is a product of the Domain Name System Operations Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.23.0 | Report a Bug | By Email