Found something interesting while looking into DNS poisoning

2019-01-29 22:16:41 +08:00
 zanzhz1101

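While looking into DNS poisoning I found something interesting: quite a few odd websites all resolve locally to the same IPs. Out of curiosity I did some statistics on a limited number of 404 websites and found that they basically all fall within one IP list. I'm posting it here; I don't know whether it is complete.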

By the way, is this thing of any use?

17543 views
Node: DNS
29 replies
pragmatwice
2019-01-30 20:28:10 +08:00
Wikipedia-zh has a fairly detailed record of this, in the "域名服务器缓存污染" (DNS cache poisoning) entry.
zanzhz1101
2019-02-03 14:06:07 +08:00
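@pragmatwice #21 After carefully going through the Wikipedia list I found that only 10 IPs overlap. The IP ranges listed there contain a large number of domestic IP addresses. Some of the other IPs do indeed appear in the poisoning list, but most of them belong to small websites or sites with few users, and what gets resolved is mostly second-level domains. Some IP addresses have not been used again since August of last year, so I suspect some kind of load tiering was done. Overall, most of the above are not poisoning IPs.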
Kobayashi
2019-06-10 17:06:24 +08:00
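@zanzhz1101 chinadns tried this approach long ago, and it is completely useless. The strategy now is not to hand you a specific invalid IP, but possibly to hand you, at random, a valid IP of an unrelated website.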
zanzhz1101
2019-06-13 14:25:38 +08:00
@Kobayashi #23 After seeing your reply I went and tested again, and nothing has changed. The main blacklist is about 200 entries, and the full set is around 1300.
Kobayashi
2019-06-14 11:28:17 +08:00
zanzhz1101
2019-06-14 16:11:32 +08:00
@Kobayashi #25
No, at present it still returns certain IP ranges of Facebook / Twitter / Softlayer; my model converges.
zanzhz1101
2019-06-14 16:17:34 +08:00
Kobayashi
2019-06-14 17:20:18 +08:00
Pretend I never said anything.
zanzhz1101
2019-06-14 22:47:45 +08:00
@Kobayashi #28 If your reporting turns out to be inaccurate, you will have to take responsibility for it.
