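DNS Pollution Analysis
Test the connectivity of the global public DNS servers listed on public-dns.info, then use them to resolve domains and analyze how the results are polluted.
Selecting usable DNS servers
Using the dns_check script
Results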
$ time ./dns_check bilibili.com
1 - 1001:
1.1.1.1 -> 139.159.241.37
8.8.8.8 -> 139.159.241.37
223.6.6.6 -> 8.134.50.24
185.222.222.222 -> 8.134.50.24
1002 - 2002:
2003 - 3003:
3004 - 4004:
4005 - 5005:
9.9.9.9 -> 139.159.241.37
114.114.115.119 -> 119.3.70.188
5006 - 6006:
114.114.115.115 -> 47.103.24.173
114.114.114.114 -> 120.92.78.97
185.184.222.222 -> 119.3.70.188
6007 - 7007:
7008 - 8008:
8009 - 9009:
9010 - 10010:
10011 - 11011:
11012 - 12012:
12013 - 13013:
13014 - 14014:
14015 - 15015:
./dns_check 123.70s user 113.12s system 191% cpu 2:03.90 total
Usable DNS servers
1.1.1.1
8.8.8.8
223.6.6.6
185.222.222.222
9.9.9.9
114.114.115.119
114.114.115.115
114.114.114.114
185.184.222.222
Polluted-domain test
- wikipedia.org
9.9.9.9 -> 162.125.7.1 x
114.114.115.119 -> 162.125.7.1 x
114.114.114.114 -> 162.125.7.1 x
8.8.8.8 -> 162.125.7.1 x
1.1.1.1 -> 118.193.240.37 x
114.114.115.115 -> 162.125.7.1 x
223.6.6.6 -> 157.240.12.50 x
185.184.222.222 -> 157.240.12.50 x
185.222.222.222 -> 202.160.128.16 x
- duckduckgo.com
114.114.115.119 -> 108.160.167.165 x
114.114.114.114 -> 192.133.77.145 x
9.9.9.9 -> 192.133.77.145 x
114.114.115.115 -> 192.133.77.145 x
1.1.1.1 -> 104.244.46.17 x
8.8.8.8 -> 104.244.46.57 x
185.222.222.222 -> 192.133.77.145 x
185.184.222.222 -> 192.133.77.145 x
223.6.6.6 -> 192.133.77.145 x
- github.com
114.114.115.115 -> 20.205.243.166
185.184.222.222 -> 20.205.243.166
1.1.1.1 -> 20.205.243.166
114.114.115.119 -> 20.205.243.166 x
114.114.114.114 -> 20.205.243.166 x
9.9.9.9 -> 20.205.243.166 x
8.8.8.8 -> 20.205.243.166 x
223.6.6.6 -> 20.205.243.166 x
185.222.222.222 -> 20.205.243.166
ASN information for the IPs returned by DNS queries
162.125.7.0/24 AS19679 - Dropbox, Inc.
118.193.240.37 Beijing CNISP Technology
157.240.12.0/24 AS32934 - Facebook, Inc.
202.160.128.0/24 AS13414 - Twitter Inc.
108.160.160.0/20 AS19679 - Dropbox, Inc.
192.133.76.0/23 AS13414 - Twitter Inc.
104.244.46.0/24 AS13414 - Twitter Inc.
20.192.0.0/10 AS8075 - Microsoft Corporation
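*Data from ipinfo.io
Analysis
DNS queries were polluted by out-of-band (side-path) injection and resolved to IP ranges blocked by the GFW or to unreachable IPs.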
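The cross-check behind this analysis, as an added example (not the dns_check script, which this page does not show): parse results in the layout used above, map each answer to the prefix table above, and flag domains whose answers scatter across several owners. The function names and the "more than one owner" threshold are assumptions; scatter is a signal to investigate rather than proof, since legitimate names such as bilibili.com above also return different addresses per resolver.

```python
import ipaddress

# Prefix -> owner, copied from the ASN table on this page (ipinfo.io data).
PREFIXES = {ipaddress.ip_network(p): o for p, o in {
    "162.125.7.0/24": "AS19679 Dropbox", "108.160.160.0/20": "AS19679 Dropbox",
    "157.240.12.0/24": "AS32934 Facebook", "202.160.128.0/24": "AS13414 Twitter",
    "192.133.76.0/23": "AS13414 Twitter", "104.244.46.0/24": "AS13414 Twitter",
    "20.192.0.0/10": "AS8075 Microsoft", "118.193.240.37/32": "Beijing CNISP Technology",
}.items()}

# Subset of the results listed on this page, in the same text layout.
SAMPLE = """\
- wikipedia.org
9.9.9.9 -> 162.125.7.1 x
1.1.1.1 -> 118.193.240.37 x
223.6.6.6 -> 157.240.12.50 x
185.222.222.222 -> 202.160.128.16 x
- duckduckgo.com
114.114.115.119 -> 108.160.167.165 x
223.6.6.6 -> 192.133.77.145 x
- github.com
1.1.1.1 -> 20.205.243.166
223.6.6.6 -> 20.205.243.166 x
"""

def owner_of(ip):  # longest-prefix match; "unknown" if no prefix covers ip
    addr = ipaddress.ip_address(ip)
    hits = [n for n in PREFIXES if addr in n]
    return PREFIXES[max(hits, key=lambda n: n.prefixlen)] if hits else "unknown"

def parse(text):
    """Return {domain: {resolver: ip}} from '- domain' / 'resolver -> ip [x]' lines."""
    out, domain = {}, None
    for line in map(str.strip, text.splitlines()):
        resolver, arrow, rest = line.partition("->")
        if line.startswith("- "):
            domain = line[2:].strip()
        elif domain and arrow and rest.split():  # ignore the trailing 'x' mark
            out.setdefault(domain, {})[resolver.strip()] = rest.split()[0]
    return out

def owners(text):  # domain -> sorted owners its answers fall into
    return {d: sorted({owner_of(ip) for ip in a.values()}) for d, a in parse(text).items()}

def scattered(text):  # heuristic: answers land in more than one owner's space
    return sorted(d for d, o in owners(text).items() if len(o) > 1)

if __name__ == "__main__":
    print(owners(SAMPLE), "scattered:", scattered(SAMPLE))
```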