nanog mailing list archives

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

From: Rubens Kuhl <rubensk () gmail com>
Date: Tue, 10 May 2022 00:09:55 -0300

It's perfectly reasonable to claim a database right in the WHOIS data,
but the offense is scraping WHOIS, not enumerating the DNS zone.

I could enumerate the DNS zone twice a day every day and so long as I stayed
away from WHOIS, nobody would notice or care.



The zone file could be seen as an accessory to the database rip-off.
For instance, it would be hard to see such a dependency on Alexa 1M
top domains, since they are already enumerated. But some spam actors
deliberately compared zone file editions to single out additions, and
then harass the owners of newly registered domains, both by e-mail and
phone.

A wrench can be a tool or a weapon, depending on how one uses it.


Rubens

Current thread:

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.), (continued)
- - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Niels Bakker (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 10)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Max Tulyev (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) David Conrad (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 09)

(Thread continues...)