-
Notifications
You must be signed in to change notification settings - Fork 26
Methodology
We use series of "borderline" query-response messages to identify implementations. Series of query-response messages form a sequence.
As mentioned, responses to a "borderline" query is used in this method. To be somewhat efficient, a tree can be constructed which consists of queries (nodes) and responses (branches), where the leave nodes identify the implementation.
Every path, from the root node (initial query) to a leave node (final query) is a sequence or "strain". The strains are used to distinguish between, and as said, ultimately identify implementations.
Parallel to this technique it is possible to identify some brands and their versions by doing a specific query asking for the servers' version. This technique does not satisfy our requirement since this has not been implemented in all brands of nameservers (it is not part of any standard), operators may have obscured the information and there are implementations that try to resolve the query, essentially asking root-servers from a different class for their version.