Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > publications : papers : 2006 : private_dns_updates
The Windows of Private DNS Updates
A. Broido, H. Shang, M. Fomenkov, Y. Hyun, and k. claffy, "The Windows of Private DNS Updates", ACM SIGCOMM Computer Communication Review (CCR), vol. 36, no. 3, pp. 93--98, Jul 2006.
|   View full paper:    PDF    |  Citation:    BibTeX   |

The Windows of Private DNS Updates

Andre Broido
Hao Shang
Marina Fomenkov
Young Hyun
kc claffy

CAIDA, San Diego Supercomputer Center, University of California San Diego

This work is motivated by the observation of one particular type of unwanted traffic - dynamic DNS updates for private (RFC1918) addresses, which leaks to global network. This spurious traffic not only wastes network resources but also jeopardizes security and privacy of users. We first look at the magnitude of these updates on two independent AS112 [1] servers. We then analyze which operating systems are responsible for these updates by using three levels of signature techniques and find that over 97% of updates come from Windows systems. While newer versions of Windows OSes are more stringent in sending private DNS updates, we did not observe an overall decreasing trend due to this evolution. Users, software vendors, and system administrators can take steps to reduce this RFC1918 traffic. However, since most end users are unlikely to interfere with vendor default settings, it should be the responsibility of software vendor and system administrators to take positive action to fix this problem.

Keywords: dns, policy, security
  Last Modified: Wed Oct-11-2017 17:03:53 PDT
  Page URL: http://www.caida.org/publications/papers/2006/private_dns_updates/index.xml