<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 9 Feb 2022, 04:45 Mark Tinka via Outages, <<a href="mailto:outages@outages.org">outages@outages.org</a>> wrote:</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
If we want to stop this behaviour, we'll have to do something about it, <br>
specifically, offering an alternative to Internet users that is regarded <br>
as official, e.g., like we do with other public services such as NTP.<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Do a DNS query. You don't even have to randomise the id number, just query for something that will have a small set of results (so, not the root) and ensure checking is disabled. For 8.8.8.8, I'm guessing "dns.google" is probably an excellent target.</div><div dir="auto"><br></div><div dir="auto">If you wanted something generic, what about a PTR query for something in 10/8, directed at the AS112 project? That's pretty much the sinkhole that expects that kind of unwanted traffic...</div><div dir="auto"><br></div><div dir="auto">M</div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
</blockquote></div></div></div>