Implications of Netalyzr’s DNS Measurements

Authors

  • Nicholas Weaver
  • Christian Kreibich
  • Boris Nechaev
  • Vern Paxson
Abstract

Netalyzr is a widely used network measurement and diagnosis tool. To date, it has collected 198,000 measurement sessions from 146,000 distinct IP addresses. One of the primary focus areas of Netalyzr is DNS behavior, including DNS resolver properties, common name lookups, NXDOMAIN wildcarding, lookup performance, and on-the-wire manipulations. Additional tests detect and categorize the behavior of any DNS proxies in the users’ gateways or firewalls. In this paper we report on DNS-specific insights from Netalyzr’s growing dataset. We identify significant problems in the existing DNS infrastructure, including unreliability of IP-level fragmentation, several kinds of result wildcarding, surprisingly poor lookup performance, and deliberate in-path DNS message manipulations. As these observations affect implementers of the DNS protocol as well as developers using common DNS APIs, we offer recommendations on common pitfalls and highlight likely impediments to the deployment of upcoming DNS technologies.


Similar resources

The Availability and Security Implications of Glue in the Domain Name System

The Domain Name System (DNS) is one of the most fundamental components of the Internet. While glue is widely used and heavily relied on in DNS operations, there is little thinking about the necessity, complexity, and vulnerability of such prevalent configuration. This work is the first to provide extensive and systematic analysis of DNS glue. It discusses the availability implications of glue an...


Publication IV

In this paper we present Netalyzr, a network measurement and debugging service that evaluates the functionality provided by people’s Internet connectivity. The design aims to prove both comprehensive in terms of the properties we measure and easy to employ and understand for users with little technical background. We structure Netalyzr as a signed Java applet (which users access via their Web b...


Recursive DNS Architectures and Vulnerability Implications

DNS implementers face numerous choices in architecting DNS resolvers, each with profound implications for security. Absent the use of DNSSEC, there are numerous interim techniques to improve DNS forgery resistance. We explore how different resolver architectures can affect the risk of DNS poisoning. The contributions of this work include: (A) We create a comprehensive, accurate model of DNS poi...


Global Measurement of DNS Manipulation

Despite the pervasive nature of Internet censorship and the continuous evolution of how and where censorship is applied, measurements of censorship remain comparatively sparse. Understanding the scope, scale, and evolution of Internet censorship requires global measurements, performed at regular intervals. Unfortunately, the state of the art relies on techniques that, by and large, require user...


The Hitchhiker's Guide to DNS Cache Poisoning

DNS cache poisoning is a serious threat to today’s Internet. We develop a formal model of the semantics of DNS caches, including the bailiwick rule and trust-level logic, and use it to systematically investigate different types of cache poisoning and to generate templates for attack payloads. We explain the impact of the attacks on DNS resolvers such as BIND, MaraDNS, and Unbound and their impl...




Publication date: 2011