Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure
- 1. Freie Universität Berlin
- 2. HAW Hamburg
Description
Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure
This repository contains the software artifacts which have been used to measure transparent DNS forwarders. This is a fixed release copy of the official artifacts repository.
NOTE: If you use our tools, please cite our paper as follows:
Nawrocki, M., Koch, M., Schmidt, T. C., & Wählisch, M. (2021).
Transparent Forwarders: An Unnoticed Component of the Open DNS Infrastructure.
CoNEXT '21, December 7–10, 2021, Virtual Event, Germany. ACM.
https://doi.org/10.1145/3485983.3494872
Abstract
In this paper, we revisit the open DNS (ODNS) infrastructure and, for the first time, systematically measure and analyze transparent forwarders, DNS components that transparently relay between stub resolvers and recursive resolvers.
Our key findings include four takeaways. First, transparent forwarders contribute 26% (563k) to the current ODNS infrastructure. Unfortunately, common periodic scanning campaigns such as Shadowserver do not capture transparent forwarders and thus underestimate the current threat potential of the ODNS. Second, we find an increased deployment of transparent forwarders in Asia and South America. In India alone, the ODNS consists of 80% transparent forwarders. Third, many transparent forwarders relay to a few selected public resolvers such as Google and Cloudflare, which confirms a consolidation trend of DNS stakeholders. Finally, we introduce DNSRoute++, a new traceroute approach to understand the network infrastructure connecting transparent forwarders and resolvers.
Files
ilabrg/artifacts-conext21-dns-fwd-cr-v1.0.1.zip
Files
(160.7 MB)
Name | Size | Download all |
---|---|---|
md5:210eea9d074bdc3c699b51a1773772a4
|
160.7 MB | Preview Download |
Additional details
Related works
- Is supplement to
- https://github.com/ilabrg/artifacts-conext21-dns-fwd/tree/cr-v1.0.1 (URL)
- Conference paper: https: //doi.org/10.1145/3485983.3494872 (Handle)
- arXiv:2110.02224 (arXiv)