TAB Delimited Format
All I-Ds (sorted by submission date) (sorted by filename) Active I-Ds (sorted by submission date) (sorted by filename) I-Ds Published as RFCs (sorted by submission date) (sorted by filename) Expired/Withdrawn/Replaced I-Ds (sorted by submission date) (sorted by filename) IETF Working Group Drafts
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
other Individual Drafts by Author Identifier
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
other Other Drafts
IAB
IANA
IASA
IESG
IRTF
PROTO
RFC EDITOR
TOOLS
I-D Search
draft-jabley-as112-being-attacked-help-help-00
View Related Documents (e.g., documents that replaced or were replaced by the subject I-D, and their derivatives and precursors.) I-D Title: I'm Being Attacked by PRISONER.IANA.ORG! I-D Status: Expired I-D Intended Status at Publication: None RFC Number: I-D Tracker State: I-D Exists Abstract:
Many sites connected to the Internet make use of IPv4 addresses which are not globally unique. Examples are the addresses designated in RFC1918 for private use within individual sites. Hosts should never normally send reverse DNS queries for those addresses on the public Internet. However, such queries are frequently observed. Authority servers are deployed to provide authoritative answers to such queries as part of a loosely- coordinated effort known as the AS112 project. Since queries sent to AS112 servers are usually not intentional, the replies received back from those servers are typically unexpected. Unexpected inbound traffic can trigger alarms on intrusion detection systems and firewalls, and operators of such systems often mistakenly believe that they are being attacked. This document provides background information and technical advice to those firewall operators.Author(s):
The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid. If you are an author of this Internet-Draft, and if your e-mail address is not correct, then please send your current e-mail address to ietf-action@ietf.org.Joe Abley