Closed nmalcolm closed 6 months ago
There's a couple of trusted resolvers which are always returning invalid DNS records. There should probably be checks to ensure misbehaving resolvers are removed from the trusted resolvers file if they can no longer be trusted.
dig @76.76.19.19 thisdoesnotexist2023.trickest.com ; <<>> DiG 9.10.6 <<>> @76.76.19.19 thisdoesnotexist2023.trickest.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7023 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;thisdoesnotexist2023.trickest.com. IN A ;; ANSWER SECTION: thISDoesnotexist2023.trickest.com. 300 IN A 54.144.128.85 ;; Query time: 245 msec ;; SERVER: 76.76.19.19#53(76.76.19.19) ;; WHEN: Fri Oct 20 01:12:08 +04 2023 ;; MSG SIZE rcvd: 99
dig @76.223.122.150 thisdoesnotexist2023.trickest.com ; <<>> DiG 9.10.6 <<>> @76.223.122.150 thisdoesnotexist2023.trickest.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8931 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;thisdoesnotexist2023.trickest.com. IN A ;; ANSWER SECTION: thISDoesnotexist2023.trickest.com. 300 IN A 54.144.128.85 ;; Query time: 2075 msec ;; SERVER: 76.223.122.150#53(76.223.122.150) ;; WHEN: Fri Oct 20 01:13:18 +04 2023 ;; MSG SIZE rcvd: 99
There's a couple of trusted resolvers which are always returning invalid DNS records. There should probably be checks to ensure misbehaving resolvers are removed from the trusted resolvers file if they can no longer be trusted.