North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS Amplification Attacks

  • From: Peter Dambier
  • Date: Wed Mar 22 15:23:52 2006

Florian Weimer wrote:
* Peter Dambier:

In germany censoring is commonplace. You have to use foraign resolvers
to escape it. There is a lot collateral dammage too - governement has
provided the tools.
This is not true.  There has been some questionable advice by a
regulatory body, though.  Most damage is done by ISPs which simply do
not adjust the filters to the moving target and run them as-is since
2001 or so.  Null routes tend to filter a different customer after
such a long time.

Here it is documented. Sorry it is in german only:,39023144,2124117,00.htm

A local city chieftain could claim ownership of an internet site located
in the USA and even capture their emails. As far as I am informed the
censorship at some ISPs is still active but they claim no longer to
be their mailhost.

I was informed of this DNS forgery because of the collateral damage
done. Several sites where censored and could only escape by changeing
providers. At least one of the providers is bankrupt today. I dont
know if censoring was the reason why.

How about alternative roots? ICANN does censor "XN--55QX5D.", "XN--FIQS8S."
and "XN--IO0A7I." already. You must use alternative roots to exchange emails
with people living in those domains.
Unfortunately, they also censor "ENYO.".

That is the reason why :)

Nevertheless I could see the site "http://www.enyo/";
after adding " www.enyo enyo" to my /etc/hosts
Maybe even could send you emails?

Kind regards
Peter and Karin Dambier

Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP:
mail: [email protected]
mail: [email protected]