Any more opinions please if DNS queries leak information about the internal
network topology and size to the resolver?
It would be interesting to consider 2 separate cases:
1. The internal network is NATed.
2. The internal network is IPv6 with ipv6_privacy="YES"
Victor Sudakov wrote:
> Dear Col
Eugene Grosbein wrote:
> 24.11.2019 23:02, Victor Sudakov wrote:
>
> > If there are multiple recursive queries for MS domains only, do you think
> > the operator of Resolver B can tell if there are 10 or 100 MS clients
> > behind Resolver A?
>
> I guess so, because different Windows versions may
24.11.2019 23:02, Victor Sudakov wrote:
> If there are multiple recursive queries for MS domains only, do you think
> the operator of Resolver B can tell if there are 10 or 100 MS clients
> behind Resolver A?
I guess so, because different Windows versions may behave differently
(including errat
Eugene Grosbein wrote:
> >
> > Several hosts of the local network use a FreeBSD server with BIND or
> > local-unbound as a caching resolver. Let's call it "Resolver A."
> > Resolver A forwards all queries to another resolver, e.g. 8.8.8.8 or
> > some other, let's call it "Resolver B."
> >
> > Can
24.11.2019 19:34, Victor Sudakov wrote:
> Dear Colleagues,
>
> Several hosts of the local network use a FreeBSD server with BIND or
> local-unbound as a caching resolver. Let's call it "Resolver A."
> Resolver A forwards all queries to another resolver, e.g. 8.8.8.8 or
> some other, let's call it
