by Bender
1 hour ago
The domains with large numbers of TXT records are also used in DNS DDoS amplification attacks. Spoofed UDP requests to domains that have a large number of TXT records are used to slam other sites. In the past I would transparently strip the TXT records when I ran public DNS recursive resolvers. Nobody noticed except the botters, but some here may be activated.

Some domains with a lot of dangling records:

  for i in $(echo "ycombinator.com 500px.com box.com ebay.com google.com hm.com lenovo.com nordstrom.com realtor.com tmz.com wired.com");do echo -en "${i}: ";dig +short +nocookie -t TXT "${i}"|wc -l;done|sort -rn -k2
  nordstrom.com: 39
  lenovo.com: 38
  realtor.com: 36
  ebay.com: 36
  hm.com: 34
  box.com: 28
  wired.com: 27
  tmz.com: 22
  500px.com: 17
  ycombinator.com: 13
  google.com: 13

Ebay used to be in first place, not sure what changed.

In unbound.conf:

  local-zone: ycombinator.com typetransparent
  local-data: 'ycombinator.com. TXT "[ddos redacted]"'

after the changes:

  dig +short +nocookie -t txt ycombinator.com
  "[ddos redacted]"
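
Added example, not part of the comment above and not Unbound's own tooling: a shell function that reads the "name: count" lines printed by the survey loop and emits the same kind of typetransparent TXT override for every domain at or above a threshold. The function names txt_overrides and sample_survey, the threshold argument and the malformed sample line are assumptions made for illustration; the sample counts are copied from the output above.

```shell
#!/bin/sh
# Added example: generate unbound.conf TXT overrides from "name: count" lines.

# Usage: txt_overrides THRESHOLD < survey.txt
# Emits a local-zone/local-data pair for each domain whose TXT record
# count is >= THRESHOLD. Other record types keep resolving normally
# because the zone type is typetransparent.
txt_overrides() {
    threshold=$1
    case $threshold in
        ''|*[!0-9]*) echo "threshold must be a non-negative integer" >&2
                     return 2 ;;
    esac
    awk -v min="$threshold" -v txt="[ddos redacted]" '
        {
            # Field 1 is "name:", field 2 is the record count.
            name = $1; sub(/:$/, "", name); sub(/\.$/, "", name)
            count = $2
            # Accept only plain hostnames so stray quotes or other
            # characters from the input never reach the config file.
            if (name !~ /^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$/) next
            if (count !~ /^[0-9]+$/ || count + 0 < min + 0) next
            if (seen[name]++) next          # skip duplicate domains
            printf "local-zone: \"%s.\" typetransparent\n", name
            printf "local-data: \047%s. TXT \"%s\"\047\n", name, txt
        }'
}

# Sample input in the format the survey loop prints. The third line is a
# constructed malformed entry to show that it is dropped.
sample_survey() {
    cat <<'EOF'
nordstrom.com: 39
lenovo.com: 38
evil.example"x: 50
ycombinator.com: 13
google.com: 13
EOF
}

# Demo: override only domains with 30 or more TXT records.
sample_survey | txt_overrides 30
```

Review the generated stanzas before including them in unbound.conf, and validate the result with unbound-checkconf before reloading the resolver.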
|
|
Why the echo? "for" should handle a list of terms just fine.
Pedantic assholery aside, genuine question. Is this some sort of shell expansion injection countermeasure with which I am unfamiliar?
And for the record I quite enjoy employing the useless use of cat. It turns pumping a file into a pipeline from a screwball shell meta command into a command isometric to any other command. I sort of wish tee had a "suppress stdout flag" so it could be used more naturally as cat's counterpart.