Comment by Bender
8 hours ago
The domains with large numbers of TXT records are also used in DNS DDoS amplification attacks. Spoofed UDP requests to domains that have a large number of TXT records are used to slam other sites. In the past I would transparently strip the TXT records when I ran public DNS recursive resolvers nobody noticed except the botters but some here may be activated. Some domains with a lot of dangling records:
for i in $(echo "ycombinator.com 500px.com box.com ebay.com google.com hm.com lenovo.com nordstrom.com realtor.com tmz.com wired.com");do echo -en "${i}: ";dig +short +nocookie -t TXT "${i}"|wc -l;done|sort -rn -k2
nordstrom.com: 39
lenovo.com: 38
realtor.com: 36
ebay.com: 36
hm.com: 34
box.com: 28
wired.com: 27
tmz.com: 22
500px.com: 17
ycombinator.com: 13
google.com: 13
Ebay used to be in first place, not sure what changed.
In unbound.conf:
local-zone: ycombinator.com typetransparent
local-data: 'ycombinator.com. TXT "[ddos redacted]"'
after the changes:
dig +short +nocookie -t txt ycombinator.com
"[ddos redacted]"
Whee, my chance to be the useless use of cat asshole.
Why the echo? "for" should handle a list of terms just fine.
Pedantic assholery aside, genuine question. Is this some sort of shell expansion injection countermeasure of which I am unfamiliar?
And for the record I quite enjoy employing the useless use of cat. It turns pumping a file into a pipeline from a screwball shell meta command into a command isometric to any other command. I sort of wish tee had a "suppress stdout flag" so it could be used more naturally as cat's counterpart.
Whee, my chance to be the useless use of cat asshole.
Would it be mean if I said I do that to expose cat rectum? I used to cat to tac to cat but that was too on the nose. Another fun one is mixed case HtMl elements. I miss that old dokimos site from 2001.
Here's [1] something to play with. not my repo
[1] - https://github.com/bashfuscator/bashfuscator