Skip to main content

Posts

Showing posts from 2022

DNS response and error types

In this post we explore common DNS response codes. We will cover the following responses: NOERROR SERVFAIL NXDOMAIN NODATA REFUSED Throughout article we’ll refer to the following RFCs: RFC 1034 - DOMAIN NAMES - CONCEPTS AND FACILITIES RFC 2308 - Negative Caching of DNS Queries (DNS NCACHE) RFC 2136 - Dynamic Updates in the Domain Name System (DNS UPDATE) RFC 8914 - Extended DNS Errors Response Codes - RCODEs The DNS RCODES are best defined in RFC2316 .  They signify what type of response was sent by the server. “RCODE   Response code - this four bit field is undefined in requests and set in responses.”   The table below shows the summary of the currently defined RCODEs. Mnemonic Val Description NOERROR 0 No error condition.

DNS poisoning in Indonesia - deep dive

DNS blocking in Indonesia article was an introduction to DNS based censorship in Indonesia. This article will be a deep dive into the DNS censorship landscape in Indonesia based on a defined research methodology. This post covers: Overview of our large scale DNS research methodology Statistics on Indonesian DNS servers List of blocking IP addresses used by various ISPs in Indonesia Large scale DNS research methodology DNS servers To facilitate the research we have scanned the Indonesian IP space and collected the list of IP addresses responding to recursive DNS queries on port 53 UDP. We have collected over 10000 IP addresses. 6935 of them have been consistently responding to our queries. 474 of those have been classified as located outside of Indonesia based on geoip lookup during data post processing. In the end we have tested 6461 DNS servers. Test domains In the course of our research we have tested 9 public domain second level domains (SLDs). In addition we pre-fixed each domain