ericluehrsen at gmail.com
Wed Jul 22 03:06:52 UTC 2020
On 7/16/20 5:33 PM, Neo Web via Unbound-users wrote:
> I have seen a few different ISP's block unbound from working.
> How do you think they do it.
> I had a US ISP this morning, block it from on their network nationwide.
> It looks like DNSSEC traffic was blocked...what do you think happened?
It may not be censorship. Consumer IOT devices have been more infected
by bot-nets according to recent reports. DNS and DNSSEC are documented
tools for amplification attacks. It may be a counter measure deployed
during an attack. US ISP also engage in "snoop-vertising." Most are
happy to collect analytics from customers with rented modems in stock
configuration, and they do not harm basic internet function. A few dig
deeper and cause problems like NXDOMAIN substitution and port 53/853
diversion. It may be one of these undesirable implementations.
Thoughts to consider in your analysis.
More information about the Unbound-users