DNS Morons

These people should run Split-horizon DNS;

Host	Wrong IP address	Reason
cm-185.138.33.205.getinternet.no	::185.138.33.205	IPv4-Compatible IPv6 Addresses
cm-84.211.134.91.getinternet.no	::84.211.134.91	IPv4-Compatible IPv6 Addresses
cm-84.215.129.189.getinternet.no	::84.215.129.189	IPv4-Compatible IPv6 Addresses
dns1.srv.nuigalway.ie	172.16.7.142	RFC 1918
ibdxbns3.duhosting.ae	10.198.18.10	RFC 1918
ibdxbns4.duhosting.ae	10.198.18.14	RFC 1918
lightning.a2hosting.com	10.32.7.249	RFC 1918
nhanhoa-rm.nhanhoa.com	192.168.102.8	RFC 1918
ns.livas.lv	2001:db8::204:23ff:fec9:f26a	Reserved for Documentation
ns1.motianya.com	192.168.1.1	RFC 1918
ns1.redcondor.net	172.27.134.21	RFC 1918
ns1.servsd.net	0.0.0.0	Unconfigured
ns2.livas.lv	2001:db8::21e:c9ff:fee8:8459	Reserved for Documentation
ns2.motianya.com	192.168.1.1	RFC 1918
ns2.prtcom.com	10.181.5.14	RFC 1918
ns2.servsd.net	0.0.0.0	Unconfigured
ns3.blue.net	10.11.11.210	RFC 1918
ns4.tataidc.co.in	64:ff9b::6708:2e05	RFC 6052
proxy29.tc1.swgfl.ifl.net	192.168.167.137	RFC 1918
s-dns-cvt2-01.pop.ns.selectel.org	172.24.87.66	RFC 1918
vtelmon1.vtel.jo	10.10.10.60	RFC 1918

Last update: Sat 31 Jul 06:02:01 UTC 2021

Block

You can block answers like these with Bind's 'deny-answer-addresses' feature;

    deny-answer-addresses {
        // Unconfigured
        0.0.0.0;
        // RFC 1918
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
        // RFC 3927
        169.254.0.0/16;
        // IPv6
        // :: to ::ffff:ffff:ffff.
        // Includes ::, ::1, IPv4-Compatible IPv6 Addresses ::/96,
        // and IPv4-mapped IPv6 addresses ::ffff:0:0/96
        ::/80;
        // RFC 6052
        64:ff9b::/96;
        // Reserved for Documentation
        2001:db8::/32;
        // IPv6 Unique Local
        fc00::/7;
        // IPv6 Link local
        fe80::/10;
        // IPv6 Site local
        fec0::/10;
        // Your IPv6 address range(s)
        Net/Mask
    } except-from { "Your.Domain"; };
    deny-answer-aliases { "Your.Domain"; };

The produces log entries like;

  Aug 21 19:31:01 sput named[1601]: answer address 10.0.0.100 denied for spacefon.com/A/IN

Not blocking these addresses can be a serious security risk.