1. DNS/KnotResolver/brau.internat.jp/tss版/再現確認
$ dig -t txt brau.internat.jp @127.0.0.1 $ dig -t soa brau.jp @127.0.0.1 $ dig -t txt brau.jp @127.0.0.1
を実行してみた。毒が入っていることを確認した。-- ToshinoriMaeno 2020-08-30 03:05:44
$ dig -t txt brau.internat.jp @127.0.0.1 ; <<>> DiG 9.16.1-Ubuntu <<>> -t txt brau.internat.jp @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59062 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;brau.internat.jp. IN TXT ;; ANSWER SECTION: brau.internat.jp. 60 IN TXT "brau.internat.jp" ;; Query time: 20 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: 日 8月 30 12:00:25 JST 2020 ;; MSG SIZE rcvd: 74
tmaeno@nve20:~$ dig -t soa brau.jp @127.0.0.1 ; <<>> DiG 9.16.1-Ubuntu <<>> -t soa brau.jp @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2817 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;brau.jp. IN SOA ;; ANSWER SECTION: brau.jp. 120 IN SOA ns.brau.jp. tss.e-ontap.com. 2020082501 3600 600 86400 60 ;; Query time: 216 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: 日 8月 30 12:00:47 JST 2020 ;; MSG SIZE rcvd: 90
- このSOAは正規のものだ。
しかし、txtを問い合わせてみると、
tmaeno@nve20:~$ dig -t txt brau.jp @127.0.0.1 ; <<>> DiG 9.16.1-Ubuntu <<>> -t txt brau.jp @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50999 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;brau.jp. IN TXT ;; ANSWER SECTION: brau.jp. 60 IN TXT "NG" ;; Query time: 8 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: 日 8月 30 12:00:55 JST 2020 ;; MSG SIZE rcvd: 51