Created
November 3, 2015 08:51
-
-
Save bortzmeyer/10fe2900c59068bb0c78 to your computer and use it in GitHub Desktop.
Lying DNS resolvers in Turkey (block access to the report on elections) seen through RIPE Atlas probes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [195.175.254.2 is Turk Telecom, 213.14.227.50 is TellCom, 176.9.34.7 is the real address, as shown by the second test, in Germany] | |
| % python resolve-name.py -r 500 -c TR www.etha.com.tr | |
| Measurement #2905528 for www.etha.com.tr/A uses 32 probes | |
| [213.14.227.50] : 5 occurrences | |
| [195.175.254.2] : 6 occurrences | |
| [176.9.34.7] : 20 occurrences | |
| Test done at 2015-11-03T08:47:09Z | |
| % python resolve-name.py -r 500 -c DE www.etha.com.tr | |
| Measurement #2905529 for www.etha.com.tr/A uses 498 probes | |
| [ERROR: REFUSED] : 3 occurrences | |
| [ERROR: SERVFAIL] : 3 occurrences | |
| [176.9.34.7] : 463 occurrences | |
| Test done at 2015-11-03T08:50:45Z | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This time, Google Public DNS is not hijacked
% python resolve-name.py -r 500 -e 8.8.8.8 -c TR www.etha.com.tr
Measurement #2905530 for www.etha.com.tr/A uses 33 probes
Nameserver 8.8.8.8
[176.9.34.7] : 31 occurrences
Test done at 2015-11-03T08:58:39Z