[lacnog] Quad9 --> Servidor DNS

Vie Nov 17 12:38:55 BRST 2017

Me intriga lo del blocklist o de donde se nutre para realizar los bloqueos, por ejemplo para un dominio que es un phishing ya detectado a nivel de google safe browsing, no existe diferencia en la respuesta del registro A, para 8.8.8.8 o 9.9.9.9:

(Disculpen por mandar un  phishing activo a la lista)

http://apple.itunesconnect.su <http://apple.itunesconnect.su/>

$ dig apple.itunesconnect.su @8.8.8.8

; <<>> DiG 9.9.7-P3 <<>> apple.itunesconnect.su @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55306
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;apple.itunesconnect.su.     IN A

;; ANSWER SECTION:
apple.itunesconnect.su. 959 IN  A      141.255.161.78

;; Query time: 53 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Nov 17 11:33:32 -03 2017
;; MSG SIZE  rcvd: 67

$ dig apple.itunesconnect.su @9.9.9.9

; <<>> DiG 9.9.7-P3 <<>> apple.itunesconnect.su @9.9.9.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60958
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;apple.itunesconnect.su.     IN A

;; ANSWER SECTION:
apple.itunesconnect.su. 989 IN  A      141.255.161.78

;; Query time: 54 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Fri Nov 17 11:33:36 -03 2017
;; MSG SIZE  rcvd: 67

Saludos
Roberto

> On Nov 17, 2017, at 11:23, JORDI PALET MARTINEZ <jordi.palet en consulintel.es> wrote:
> 
> Desde Madrid a 40 ms., mientras que el DNS de google y el de Telefonica estan a 3 ms.
> 
> Saludos,
> Jordi
> 
> 
> -----Mensaje original-----
> De: LACNOG <lacnog-bounces en lacnic.net> en nombre de Eduardo Schoedler <listas en esds.com.br>
> Responder a: Latin America and Caribbean Region Network Operators Group <lacnog en lacnic.net>
> Fecha: viernes, 17 de noviembre de 2017, 22:08
> Para: Latin America and Caribbean Region Network Operators Group <lacnog en lacnic.net>
> Asunto: Re: [lacnog] Quad9 --> Servidor DNS
> 
>    http://www.isptools.com.br/ping#65!0!9.9.9.9
> 
> 
>    2017-11-17 11:52 GMT-02:00 Jorquera Gaete Jose Ignacio <jjorquera en grupogtd.com>:
> 
>    Estimados,
> 
>                    Desde Santiago/Chile efectivamente existen 1-2 ms ya que está conectado a PIT Chile:
> 
>      4     1 ms     1 ms     1 ms  cn2.2-0-0.ro.gtdinternet.com <http://cn2.2-0-0.ro.gtdinternet.com> [190.196.125.9]
>      5     5 ms     2 ms     2 ms  gw-gtdinternet.nacional1.red.movistar.cl <http://gw-gtdinternet.nacional1.red.movistar.cl> [186.148.60.49]
>      6     2 ms     2 ms     1 ms  10.200.247.197
>      7     2 ms     2 ms     2 ms  packet-clearing-house-AS42.scl.pitchile.cl <http://packet-clearing-house-AS42.scl.pitchile.cl> [200.23.206.220]
>      8     3 ms     3 ms     3 ms  dns.quad9.net <http://dns.quad9.net> [9.9.9.9]
> 
>    Traza completa.
> 
>    Saludos!
> 
>    José Jorquera.
> 
>    De: LACNOG [mailto:lacnog-bounces en lacnic.net]
>    En nombre de Matias Niosi
>    Enviado el: viernes, 17 de noviembre de 2017 10:34
>    Para: Latin America and Caribbean Region Network Operators Group <lacnog en lacnic.net>
>    Asunto: Re: [lacnog] Quad9 --> Servidor DNS
> 
>    En Uruguay:
> 
>    Claro 146ms
> 
>    Dedicado 168ms
> 
>    Antel 166ms
> 
>    Movistar 172ms
> 
> 
> 
> 
>    Matías Niosi
>    Chief Operations Officer
> 
>    Tel: (+598) 2626 2902 <tel:+598%202626%202902>
>    Cel: (+598) 95 064014 <tel:+598%2095%20064%20014>
> 
> 
>    www.latechco.com <http://www.latechco.com>
> 
>    Latin America Technology Company
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>    El 17 de noviembre de 2017, 10:30, Raul Alberto Jager Weiler <raul.jager en gmail.com> escribió:
> 
>    Desde Paraguay tengo 184 mili segundos para el ping.
> 
> 
>    2017-11-17 10:15 GMT-03:00 Santiago Liz <sliz en riu.edu.ar>:
> 
>    Desde Argentina dependiendo del proveedor entre 140 y 290ms
> 
>    Saludos,
>    Santiago.-
> 
>    -----Mensaje original-----
>    De: LACNOG [mailto:lacnog-bounces en lacnic.net] En nombre de Ivan Žilic Schmidt
>    Enviado el: viernes, 17 de noviembre de 2017 09:56 a.m.
>    Para: 'Latin America and Caribbean Region Network Operators Group'
>    Asunto: Re: [lacnog] Quad9 --> Servidor DNS
> 
>    Gael,
> 
>    Muchas gracias por compartir esta información.
> 
>    Felicitaciones por esta incorporación al ya extenso catálogo de servicios que entrega PCH.
> 
>    En Santiago de Chile estamos llegando con 1.5 ms al 9.9.9.9 y al 9.9.9.10.
> 
>    saludos,
> 
>    Ivan Žilić Schmidt
> 
>    -----Original Message-----
>    From: LACNOG [mailto:lacnog-bounces en lacnic.net] On Behalf Of Luis Balbinot
>    Sent: viernes, 17 de noviembre de 2017 9:29
>    To: Latin America and Caribbean Region Network Operators Group <lacnog en lacnic.net>
>    Subject: Re: [lacnog] Quad9 --> Servidor DNS
> 
>    163ms desde o sul do Brasil, podem enviar um servidor para cá :-)
> 
>    Luis
> 
>    On Fri, Nov 17, 2017 at 9:07 AM, Gaël Hernández <gael en pch.net> wrote:
>> Hola!
>> 
>> Después de un año en modo piloto, ayer se anunció el lanzamiento del servicio! PCH es uno de los socios del proyecto Quad9, además de IBM y GCA. Quad9 tiene su propia personalidad jurídica sin ánimo de lucro, y en PCH estamos orgullosos de proporcionar apoyo
>     operacional.
>> 
>> Están todos bienvenidos a usarlo y a compartir sus experiencias y dudas con nosotros. Y no duden en contactarme si tienen interés en alojar uno de nuestros equipos en alguno de los puntos neutros de la region!
>> 
>> Un saludo,
>> Gaël
>> 
>> Sent from my iPhone
>> 
>>> On 17 Nov 2017, at 01:57, Carlos M. Martinez <carlosm3011 en gmail.com> wrote:
>>> 
>>> Hola Esteban,
>>> 
>>> La mejor info que encontré está en el propio sitio del proyecto:
>>> https://www.quad9.net/
>>> 
>>> Si lo van a probar, creo que vale la pena tener en cuenta esta parte:
>>> 
>>> 
>>> ———
>>> Is there a service that Quad9 offers that does not have the blocklist or other security?
>>> 
>>> The primary IP address for Quad9 is 9.9.9.9, which includes the blocklist, DNSSEC, and other security features. However, there are alternate IP addresses that the service operates which do not have these security features. These might be useful for testing
>     validation, or to determine if there are false positives in the Quad9 system.
>>> 
>>> Secure IP: 9.9.9.9 Blocklist, DNSSEC, No EDNS Client-Subnet
>>> 
>>> Unsecure IP: 9.9.9.10 No blocklist, no DNSSEC, send EDNS
>>> Client-Subnet
>>> 
>>> Note: Use only one of these two addresses. Some networking software may include terminology such as “Secondary DNS Server” in configuration windows; this can be left blank. Putting both 9.9.9.9 and 9.9.9.10 into “primary” and “secondary” fields may result
>     in unsecure results in rare circumstances.
>>> ———
>>> 
>>> s2
>>> 
>>> Carlos
>>> 
>>>> On 17 Nov 2017, at 8:37, Esteban Carisimo wrote:
>>>> 
>>>> Estimados,
>>>> 
>>>> Hoy se lanzó el 9.9.9.9 como servidor DNS, ¿alguien escucho algo más
>>>> de este servicio?. Acá les paso la info que leí
>>>> 
>>>> 
>    https://www.cyberscoop.com/quad9-dns-service-global-cyber-alliance/ <https://www.cyberscoop.com/quad9-dns-service-global-cyber-alliance/>
>>>> 
>>>> Saludos
>>>> 
>>>> --
>>>> Esteban Carisimo
>>>> Temporarily Visiting Graduate Student at CAIDA PhD student at
>>>> CoNexDat (UBA-CONICET) 
>    http://cnet.fi.uba.ar/esteban_carisimo/en <http://cnet.fi.uba.ar/esteban_carisimo/en>
>>>> 
>>>> _______________________________________________
>>>> LACNOG mailing list
>>>> LACNOG en lacnic.net
>>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>>> Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
>>> _______________________________________________
>>> LACNOG mailing list
>>> LACNOG en lacnic.net
>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>> Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
>> 
>> 
>> _______________________________________________
>> LACNOG mailing list
>> LACNOG en lacnic.net
>> https://mail.lacnic.net/mailman/listinfo/lacnog
>> Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
> 
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
> 
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
> 
> 
> 
> 
> 
> 
> 
> 
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: 
>    https://mail.lacnic.net/mailman/options/lacnog <https://mail.lacnic.net/mailman/options/lacnog>
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
> 
> 
> 
> 
> 
> 
> 
>    -- 
>    Eduardo Schoedler
> 
> 
> 
>    _______________________________________________
>    LACNOG mailing list
>    LACNOG en lacnic.net
>    https://mail.lacnic.net/mailman/listinfo/lacnog
>    Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
> 
> 
> 
> 
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es
> The IPv6 Company
> 
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
> 
> 
> 
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog

------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20171117/7e8023ec/attachment-0001.html>