Links

Another interesting way to pwn the Internet is to control the routing of packets to critical nameservers. In practice, Internet routing is done by ASes (Autonomous Systems). If an AS wants to pwn a nameserver on a network it controls, it is a trivial matter: it just redirects the packets to its own nameserver. I’d draw you a picture, but I’m sure Matasano Chargen will do it prettier.

So. I thought it would be instructive to determine which ASes had control over which domains. More fun with dot.

The picture is no longer quite so rosy for the UK, but still, not bad, all things considered.

But France. I don’t know what to say about France. France is surreal. I’ve linked through to a much bigger version because, well, you’ve got to lose yourself in the spiderwebs. The SVG is here, though.

As for Fiji, I’d love to show you Fiji, but the way I’m doing it doesn’t work for Fiji right now. And hence, obviously, not for the whole world, either. Coming soon, I hope.

Share This

This entry was posted on Saturday, June 20th, 2009 at 20:08 and is filed under DNSSEC, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.