Spectroscopy of Private DNS Update Sources
WIAPP '03 Proceedings of the The Third IEEE Workshop on Internet Applications
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
A day at the root of the internet
ACM SIGCOMM Computer Communication Review
| Hi-index | 0.00 |
This work is motivated by the observation of one particular type of unwanted traffic -- dynamic DNS updates for private (RFC1918) addresses, which leaks to global network. This spurious traffic not only wastes network resources but also jeopardizes security and privacy of users.We first look at the magnitude of these updates on two independent AS112 [1] servers. We then analyze which operating systems are responsible for these updates by using three levels of signature techniques and find that over 97% of updates come from Windows systems. While newer versions of Windows OSes are more stringent in sending private DNS updates, we did not observe an overall decreasing trend due to this evolution. Users, software vendors, and system administrators can take steps to reduce this RFC1918 traffic. However, since most end users are unlikely to interfere with vendor default settings, it should be the responsibility of software vendor and system administrators to take positive action to fix this problem.