Eric Luehrsen ericluehrsen at gmail.com
Wed Jul 22 03:06:52 UTC 2020

On 7/16/20 5:33 PM, Neo Web via Unbound-users wrote:
> I have seen a few different ISP's block unbound from working.
> How do you think they do it.
> I had a US ISP this morning, block it from on their network nationwide.
> It looks like DNSSEC traffic was blocked...what do you think happened?

It may not be censorship. Consumer IOT devices have been more infected 
by bot-nets according to recent reports. DNS and DNSSEC are documented 
tools for amplification attacks. It may be a counter measure deployed 
during an attack. US ISP also engage in "snoop-vertising." Most are 
happy to collect analytics from customers with rented modems in stock 
configuration, and they do not harm basic internet function. A few dig 
deeper and cause problems like NXDOMAIN substitution and port 53/853 
diversion. It may be one of these undesirable implementations.

Thoughts to consider in your analysis.
- Eric

More information about the Unbound-users mailing list