DNS Morons

These people should run Split-horizon DNS;

HostWrong IP addressReason
abts-kk-dynamic-201.79.171.122-airtelbroadband.in0.0.0.0Unconfigured
abts-north-static-51.196.161.122-airtelbroadband.in0.0.0.0Unconfigured
bayns1.msn.net10.20.206.31RFC 1918
bayns2.msn.net10.20.206.32RFC 1918
ccitns02.e-dmn.com192.168.11.184RFC 1918
cm-84.212.31.212.getinternet.no::84.212.31.212IPv4-Compatible IPv6 Addresses
dns.btcl.net.bdfe80::1618:77ff:fe6d:264aIPv6 Link local
dns1.srv.nuigalway.ie172.16.7.142RFC 1918
haitns01.e-dmn.com192.168.11.183RFC 1918
ibdxbns4.duhosting.ae10.198.18.14RFC 1918
ns.baikal-online.ru0.0.0.0Unconfigured
ns.hetsptt.net.cn0.0.0.0Unconfigured
ns02.foxinc.com10.215.244.27RFC 1918
ns1.grcc.ru10.8.9.50RFC 1918
ns2.cmt.net.br10.1.0.54RFC 1918
ns3.tataidc.co.in64:ff9b::6708:2d05RFC 6052
ns4.tataidc.co.in64:ff9b::6708:2e05RFC 6052
ns5.tataidc.co.in64:ff9b::6708:2c05RFC 6052
rev1.globalrootservers.net0.0.0.0Unconfigured
rev2.globalrootservers.net0.0.0.0Unconfigured
s-dns-cvt2-01.pop.ns.selectel.org172.24.87.66RFC 1918
slave.btcl.net.bdfe80::1618:77ff:fe6d:1e60IPv6 Link local
static-10.187.143.114-tataidc.co.in0.0.0.0Unconfigured
static-102.52.143.114-tataidc.co.in0.0.0.0Unconfigured
static-106.207.143.114-tataidc.co.in0.0.0.0Unconfigured
static-108-62-118-101.nextroute.co0.0.0.0Unconfigured
static-142.156.143.114-tataidc.co.in0.0.0.0Unconfigured
static-178.41.93.111-tataidc.co.in0.0.0.0Unconfigured
static-186.158.143.114-tataidc.co.in0.0.0.0Unconfigured
static-46.4.93.111-tataidc.co.in0.0.0.0Unconfigured
static-70.24.93.111-tataidc.co.in0.0.0.0Unconfigured
tk2ns1.msn.net10.20.195.212RFC 1918
tk2ns2.msn.net10.20.195.213RFC 1918

Last update: Sat 24 Oct 06:02:01 UTC 2020

Block

You can block answers like these with Bind's 'deny-answer-addresses' feature;

    deny-answer-addresses {
        // Unconfigured
        0.0.0.0;
        // RFC 1918
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
        // RFC 3927
        169.254.0.0/16;
        // IPv6
        // :: to ::ffff:ffff:ffff.
        // Includes ::, ::1, IPv4-Compatible IPv6 Addresses ::/96,
        // and IPv4-mapped IPv6 addresses ::ffff:0:0/96
        ::/80;
        // RFC 6052
        64:ff9b::/96;
        // Reserved for Documentation
        2001:db8::/32;
        // IPv6 Unique Local
        fc00::/7;
        // IPv6 Link local
        fe80::/10;
        // IPv6 Site local
        fec0::/10;
        // Your IPv6 address range(s)
        Net/Mask
    } except-from { "Your.Domain"; };
    deny-answer-aliases { "Your.Domain"; };

The produces log entries like;

  Aug 21 19:31:01 sput named[1601]: answer address 10.0.0.100 denied for spacefon.com/A/IN

Not blocking these addresses can be a serious security risk.