nanog mailing list archives

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

From: "John Levine" <johnl () iecc com>
Date: 9 May 2022 23:40:00 -0400

It appears that Rubens Kuhl <rubensk () gmail com> said:

It's perfectly reasonable to claim a database right in the WHOIS data,
but the offense is scraping WHOIS, not enumerating the DNS zone. ...

The zone file could be seen as an accessory to the database rip-off.
For instance, it would be hard to see such a dependency on Alexa 1M
top domains, since they are already enumerated. But some spam actors
deliberately compared zone file editions to single out additions, and
then harass the owners of newly registered domains, both by e-mail and
phone.


Yeah, I know, and some of us download and diff zone files every day to
see what's new to track abuse trends.  That doesn't annoy anyone other
than perhaps people whose phish campaigns it might disrupt.

Once again, the issue is WHOIS scraping, not the DNS.

R's,
John

Current thread:

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.), (continued)
- - - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Niels Bakker (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 10)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Max Tulyev (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) David Conrad (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 09)
  - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Warren Kumari (May 08)

(Thread continues...)