user:pangea

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
user:pangea [2023-10-07T14:52:35Z] – Added a first draft on the project pangeauser:pangea [2024-04-19T07:16:15Z] (current) – [Log Anonymization] pangea
Line 1: Line 1:
-# pangea - the user behind newpangea.de+**Note:** Restructuring of infrastructure in progress
  
-Welcome to my little space on the OpenNIC Wiki. I am operating a handful of globally distributed DNS resolvers which are compatible with the OpenNIC TLDs. The servers are configured to log anonymized data in a central location in Europe. This feedback is used for threat intelligence research. +==== Who is behind pangea? ====
  
-## Public Resolver+Welcome to our little space on the OpenNIC Wiki. We are operating a handful of globally distributed DNS resolvers which are compatible with the OpenNIC TLDs. The servers are configured to log anonymized data in a central location in Europe. This feedback is used for threat intelligence research. The public front of the project is [[https://newpangea.de|newpangea.de]]. 
 + 
 +=== Public Resolver ===
  
 All of our public resolver support DNS over UDP/53, DoT, DoH and support regular OpenNIC and ICANN TLDs. All of our public resolver support DNS over UDP/53, DoT, DoH and support regular OpenNIC and ICANN TLDs.
  
-| Hostname | Country Code IPv4 IPv6 Status  +^ OpenNIC Domain ^ ICANN Domain ^ Country Code IPv4 IPv6 Status ^ 
-| dns1.cl.newpangea.de | CL | 64.176.6.48 | 2001:19f0:c800:2b26:5400:04ff:fe87:53ea | +| ns2.cl.dns.opennic.glue | dns1.cl.newpangea.de | CL | 64.176.6.48 | 2001:19f0:c800:2b26:5400:04ff:fe87:53ea | Ok 
-| dns1.fi.newpangea.de | FI | 65.21.1.106 | 2a01:4f9:c011:83d::1 | +| ns1.fi.dns.opennic.glue | dns1.fi.newpangea.de | FI | 65.21.1.106 | 2a01:4f9:c011:83d::| Ok 
-| dns1.in.newpangea.de | IN | 139.84.165.176 | 2401:c080:3400:251f:5400:04ff:fe97:fa4e | +| ns6.in.dns.opennic.glue | dns1.in.newpangea.de | IN | 139.84.165.176 | 2401:c080:3400:251f:5400:04ff:fe97:fa4e | Ok 
-| dns1.pl.newpangea.de | PL | 70.34.254.19 | 2a05:f480:2400:117d:5400:04ff:fe98:9f2d | +| ns2.pl.dns.opennic.glue | dns1.pl.newpangea.de | PL | 70.34.254.19 | 2a05:f480:2400:117d:5400:04ff:fe98:9f2d | Ok 
-| dns1.ru.newpangea.de | RU | 45.84.1.149 | 2a09:7c47:0:20::1 | +| ns3.ru.dns.opennic.glue | dns1.ru.newpangea.de | RU | 45.84.1.149 | 2a09:7c47:0:20::| Offline 
-| dns1.uk.newpangea.de | UK | - | - | non-operational | +| -  | dns1.uk.newpangea.de | UK | - | - | non-operational | 
-| dns1.us.newpangea.de | US | 5.161.109.23 | 2a01:4ff:f0:24ff::1 |+| ns2.va.us.dns.opennic.glue | dns1.us.newpangea.de | US | 5.161.109.23 | 2a01:4ff:f0:24ff::| Ok |
  
  
-## Log Anonymization+=== Log Anonymization ===
  
-Since IP addresses are considered PII under the GDPR (and some other legislation), the IP address is anonymized and what's left is the origin [ASN](https://www.net58.io/knowledge/bgp/bgp-primer/bgp-as/). We are not interested in any personally identifiable information, yet we see the DNS as part of the control plane and believe that it is an utterly important and valuable asset to understand the Internet's threat landscape.+Since IP addresses are considered PII under the GDPR (and some other legislation), the IP address is anonymized and what's left is the origin [ASN](https://www.net58.io/knowledge/bgp/bgp-primer/bgp-as/[Note: Link down]. We are not interested in any personally identifiable information, yet we see the DNS as part of the control plane and believe that it is an utterly important and valuable asset to understand the Internet's threat landscape.
  
  
-## Research+=== Research ===
  
 With anonymized input, we want to provide some threat intelligence with an exploratory outcome. The goals can be but are not limited to: With anonymized input, we want to provide some threat intelligence with an exploratory outcome. The goals can be but are not limited to:
  
-* Botnet C2 infrastructure +  * Botnet C2 infrastructure 
-* DNS R/A DDoS attacks +  * DNS R/A DDoS attacks 
-* DNS query flood attacks +  * DNS query flood attacks 
-* DNS water torture attacks (Query floods to non-existing domain names)+  * DNS water torture attacks (Query floods to non-existing domain names)
  
  
-## Resources +=== Resources ===
  
-[Project Website: newpangea.de](https://newpangea.de)+  * Project Website: [[https://newpangea.de|newpangea.de]]
  • /wiki/data/attic/user/pangea.1696690355.txt.gz
  • Last modified: 7 months ago
  • by pangea