1 使用 114 的结果 dig -t txt github.com @114.114.114.114 ;; Truncated, retrying in TCP mode.
; <<>> DiG 9.16.23-RH <<>> -t txt github.com @114.114.114.114 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27471 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;github.com. IN TXT
;; ANSWER SECTION: github.com. 3600 IN TXT "google-site-verification=82Le34Flgtd15ojYhHlGF_6g72muSjamlMVThBOJpks" github.com. 3600 IN TXT "facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50" github.com. 3600 IN TXT "miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9" github.com. 3600 IN TXT "adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b" github.com. 3600 IN TXT "atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8"
;; Query time: 908 msec ;; SERVER: 114.114.114.114#53(114.114.114.114) ;; WHEN: Wed Aug 28 04:16:58 CST 2024 ;; MSG SIZE rcvd: 475
2 使用 1.1.1.1 的结果 dig -t txt github.com @1.1.1.1 ;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.16.23-RH <<>> -t txt github.com @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25176 ;; flags: qr rd ra; QUERY: 1, ANSWER: 17, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: Message has 326 extra bytes at end
;; QUESTION SECTION: ;github.com. IN TXT
;; ANSWER SECTION: github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2688 IN TXT "MS=ms44452932" github.com. 2688 IN TXT "MS=ms58704441" github.com. 2688 IN TXT "adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b" github.com. 2688 IN TXT "apple-domain-verification=RyQhdzTl6Z6x8ZP4" github.com. 2688 IN TXT "atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8" github.com. 2688 IN TXT "beautifulai-site-verification=e478d764-9335-4af3-ac7a-2d5ab61b59aa" github.com. 2688 IN TXT "calendly-site-verification=at0DQARi7IZvJtXQAWhMqpmIzpvoBNF7aam5VKKxP" github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2688 IN TXT "facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50" github.com. 2688 IN TXT "google-site-verification=82Le34Flgtd15ojYhHlGF_6g72muSjamlMVThBOJpks" github.com. 2688 IN TXT "google-site-verification=UTM-3akMgubp6tQtgEuAkYNYLyYAvpTnnSrDMWoDR3o" github.com. 2688 IN TXT "krisp-domain-verification=ZlyiK7XLhnaoUQb2hpak1PLY7dFkl1WE" github.com. 2688 IN TXT "loom-site-verification=f3787154f1154b7880e720a511ea664d" github.com. 2688 IN TXT "miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9" github.com. 2688 IN TXT "stripe-verification=f88ef17321660a01bab1660454192e014defa29ba7b8de9633c69d6b4912217f"
;; Query time: 4 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) ;; WHEN: Wed Aug 28 04:17:17 CST 2024 ;; MSG SIZE rcvd: 1500
3 使用 223.5.5.5 的结果 dig -t txt github.com @223.5.5.5
; <<>> DiG 9.16.23-RH <<>> -t txt github.com @223.5.5.5 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37986 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1408 ;; QUESTION SECTION: ;github.com. IN TXT
;; Query time: 3004 msec ;; SERVER: 223.5.5.5#53(223.5.5.5) ;; WHEN: Wed Aug 28 04:17:38 CST 2024 ;; MSG SIZE rcvd: 39
1
xiaket 114 天前
`dig +trace -t txt github.com` 拿权威结果, 各级 DNS 的行为不权威而且不可控.
|
2
totoro625 114 天前
参考 /t/1061846
记得有一种攻击方式就是频繁查询 txt 记录进行放大攻击 DNS 服务器 |
3
zyyongsfi2 114 天前
@xiaket 如果缺失 TXT 记录算 DNS 污染吗? 为发现阿里和 114 都有缺失的情况,google 和 CF 都正常,和权威的一样
|