8 Feb
2022
8 Feb
'22
10:29 p.m.
On Wed, 9 Feb 2022, 04:45 Mark Tinka via Outages, <outages@outages.org> wrote:
If we want to stop this behaviour, we'll have to do something about it, specifically, offering an alternative to Internet users that is regarded as official, e.g., like we do with other public services such as NTP.
Do a DNS query. You don't even have to randomise the id number, just query for something that will have a small set of results (so, not the root) and ensure checking is disabled. For 8.8.8.8, I'm guessing "dns.google" is probably an excellent target. If you wanted something generic, what about a PTR query for something in 10/8, directed at the AS112 project? That's pretty much the sinkhole that expects that kind of unwanted traffic... M