> From: Andrew Hume [mailto:and...@research.att.com]
>
> actually, the belief is that the ISP would be enough.
> forgive the ignorance involved (i despise networking), where do you get PTR
> records?
Well, for example, I see your email was sent from 135.207.39.164
Using nslookup or dig, I get:
C:\Users\eharvey>nslookup 135.207.39.164
Name: H-135-207-39-164.research.att.com
Address: 135.207.39.164
So, how exactly did this get resolved? My dns client send a request for PTR to
my DNS server, which started to resolve it by talking to the internet root
servers. The internet root servers have delegation at some level ... anything
starting with 135.207.x is handled by another server ... where it may be
further delegated, anything 135.207.39.x may be handled by another server ...
Eventually, some individual server is authoritative for the query at hand, and
responds with an answer.
Now, if you're querying a whole bunch of junk all in Comcast, you're going to
be hammering their reverse-lookup dns servers. No wonder they would consider
your traffic a DoS, and blacklist you.
But all you have to do is figure out each ISP CIDR range, and for each IP
address you want to look up, just see which CIDR range it's in. You don't even
need to query DNS to get the answer ... In fact, you're better off if you
don't. Besides wasting your own traffic, you're wasting everyone else's
traffic and getting yourself blacklisted due to your DoS of other peoples'
networks.
If you google around for CIDR ranges of ISP's, you'll find a lot of them
published by other people who have already put in the effort. But ultimately
IANA is authoritative and current.
I don't know where, or if, IANA publishes the results you're looking for.
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
