Category Archives: DNS

透過 DNS TXT 傳遞指令的惡意程式

看到「New Fileless Malware Uses DNS Queries To Receive PowerShell Commands」這篇,所以是有人開始這樣惡搞了... Distributed through an email phishing campaign, the DNSMessenger attack is completely Fileless, as it does not involve writing files to the targeted system; instead, it uses DNS TXT messaging capabilities … Continue reading

Posted in Computer, DNS, Murmuring, Network, Security, Spam | Tagged , , , , , , , | Leave a comment

Cloudflare 因為閏秒炸掉...

Cloudflare 這次閏秒炸掉:「How and why the leap second affected Cloudflare DNS」,影響範圍包括了 DNS query 與 HTTP request: At peak approximately 0.2% of DNS queries to Cloudflare were affected and less than 1% of all HTTP requests to Cloudflare encountered an error. 主要的原因在於 … Continue reading

Posted in CDN, Cloud, Computer, DNS, Murmuring, Network, Programming, Software, WWW | Tagged , , , , , , , , , | Leave a comment

英國通過法案要求 ISP 記錄使用者觀看過的網站

英國前幾天通過了最激烈的隱私侵犯法案,要求 ISP 必須記錄使用者觀看過的網站:「Britain has passed the 'most extreme surveillance law ever passed in a democracy'」: The law forces UK internet providers to store browsing histories -- including domains visited -- for one year, in case of police investigations. 不愧是 George … Continue reading

Posted in Computer, DNS, Murmuring, Network, Political, Security, Social, WWW | Tagged , , , , , , , , , , , , , | Leave a comment

Route53 也支援 IPv6 了...

Amazon Route 53 也宣佈支援 IPv6 了:「Amazon Route 53 Now Supports DNS Queries over IPv6 Networks」。 依照說明應該是無痛切換過去: The change is seamless and requires no action from you; your end users and clients can begin making DNS queries over IPv6 immediately. 不過測了 … Continue reading

Posted in AWS, Cloud, Computer, DNS, Murmuring, Network | Tagged , , , , , , , | Leave a comment

Let's Encrypt 支援 IDN

Let's Encrypt 宣佈支援 IDN:「Introducing Internationalized Domain Name (IDN) Support」,這代表可以申請的範圍變得更廣了: This means that our users around the world can now get free Let’s Encrypt certificates for domains containing characters outside of the ASCII set, which is built primarily for the English … Continue reading

Posted in Computer, DNS, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , , | Leave a comment

英國 GCHQ 打算在英國實施全國大規模的 DNS filtering 過濾機制

如標題所提到的,GCHQ 打算以安全為由,實施大規模的 DNS filtering 機制:「GCHQ planning UK-wide DNS ‘firewall’」,GCHQ 的官方新聞稿在「A new approach for cyber security in the UK」這邊。 很類似 GFW 的作法,但在英國這種國家這樣做太明顯,所以政府需要使用 FUD (Fear, Uncertainty, Doubt) 的方式恐嚇公民,藉由洗腦公民取得更多的權力。 這次是對 DNS level 過濾,如果政策成功地壓過去實施,接下來就會有更多的機制來過濾對當政者不利的言論。

Posted in Computer, DNS, Murmuring, Network, Political, Security | Tagged , , , , , , | 1 Comment

Netflix 的 Open Connect 架構

在「研究人员绘制Netflix CDN服务器位置图」這邊看到在討論 Netflix 的 Open Connect 架構,也就是 Netflix 自己的 CDN 架構。引用的論文是「Open Connect Everywhere: A Glimpse at the Internet Ecosystem through the Lens of the Netflix CDN」這篇。 翻了一下論文,看起來還是頗傳統的方法,從一堆伺服器去 query 找出來: Indeed, Netflix server domain names are too specific, i.e., including details … Continue reading

Posted in CDN, Cloud, Computer, DNS, Network, Security, WWW | Tagged , , , | Leave a comment

遠傳的 DNS 改成 139.175.1.1

找資料的時候發現原來在六月底的時候換掉了:「2016/06/30 起 遠傳大寬頻(Seednet) DNS主機異動公告說明」: 感謝您對本遠傳大寬頻(Seednet)長期的支持與愛護,因DNS主機將進行異動, DNS IP將調整為139.175.1.1,原有的DNS IP(139.175.55.244、139.175.252.16), 將於2016年06月30日不再提供對外連線服務。 這樣的話三大 ISP 都放到最好記的網段下了 (另外兩個分別是台灣固網的 61.31.1.1 與中華的 168.95.1.1)。

Posted in Computer, DNS, Murmuring, Network | Tagged , , , , , , , | Leave a comment

用 DNS 控制的後門

在「Wekby APT Gang Using DNS Tunneling for Command and Control」這邊看到用 DNS 做為控制的後門系統,原報導是「New Wekby Attacks Use DNS Requests As Command and Control Mechanism」。 用 DNS 控制的穿透性比 HTTPS 高不少,被拿來做為 APT 類的攻擊威脅高不少...

Posted in Computer, DNS, Murmuring, Network, Security | Tagged , , , , , , , , , | Leave a comment

Google DNS 在台灣的 Latency 大幅降低

對 8.8.8.8 的 ICMP 數據可以發現今天早上 Google 台灣機房的 DNS Service 做了改變,整個 latency 大幅降低。(因為 mtr 發現後面 traceroute 不到以為爆炸了,跑去看 Smokeping 發現其實是 Google 改善了架構) 中華電信北區的機房: 中華電信南區的機房: 台固機房:(內湖) 遠傳機房:(忘記是內湖的哪個機房了...) 遊戲橘子機房:(台北區)

Posted in Cloud, Computer, DNS, Murmuring, Network | Tagged , , , , , , | Leave a comment