These people should run Split-horizon DNS;
| Host | Wrong IP address | Reason |
|---|---|---|
| aff.teens-boys-world.com | ::1 | IPv6 Localhost |
| mail.flydreadk.us | fe80::216:3eff:fef3:1187 | IPv6 Link local |
| mail.highfromm.us | fe80::216:3eff:fe3b:2e1b | IPv6 Link local |
| ns.telenettv.ru | 192.168.128.197 | RFC 1918 |
| ns1.netplus.co.in | 64:ff9b::6729:17c2 | RFC 6052 |
| ns1.redcondor.net | 172.27.134.21 | RFC 1918 |
| ns2.netplus.co.in | 64:ff9b::6729:17c3 | RFC 6052 |
| ns4.tataidc.co.in | 64:ff9b::6708:2e05 | RFC 6052 |
| rsync10.a2hosting.com | 10.10.16.10 | RFC 1918 |
| s-dns-cvt2-01.pop.ns.selectel.org | 172.24.87.66 | RFC 1918 |
Last update: Thu 20 Jan 07:02:02 UTC 2022
You can block answers like these with Bind's 'deny-answer-addresses' feature;
deny-answer-addresses {
// Unconfigured
0.0.0.0;
// RFC 1918
10.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
// RFC 3927
169.254.0.0/16;
// IPv6
// :: to ::ffff:ffff:ffff.
// Includes ::, ::1, IPv4-Compatible IPv6 Addresses ::/96,
// and IPv4-mapped IPv6 addresses ::ffff:0:0/96
::/80;
// RFC 6052
64:ff9b::/96;
// Reserved for Documentation
2001:db8::/32;
// IPv6 Unique Local
fc00::/7;
// IPv6 Link local
fe80::/10;
// IPv6 Site local
fec0::/10;
// Your IPv6 address range(s)
Net/Mask
} except-from { "Your.Domain"; };
deny-answer-aliases { "Your.Domain"; };
The produces log entries like;
Aug 21 19:31:01 sput named[1601]: answer address 10.0.0.100 denied for spacefon.com/A/IN
Not blocking these addresses can be a serious security risk.