Alias - Random Aliases
This module implements random aliases in DNS using variety of different record (resource) types. It supports the following record types:
- CNAME (Canonical Name)
- DNAME (Delegation Name)
- HTTPS (HyperText Transfer Protocol Secure)
- SVCB (Service Binding)
- SPF (Sender Policy Framework)
- SRV (Service Locator)
- MX (Mail Exchange)
- NS (Name Server)
The module generates a random alias record in the format alias######.yourdomain.com
, where ######
represents a random number.
The idea is that if the client/resolver decides to resolve this further, it will result in the generation of yet another alias, theoretically leading to a resolution of infinite chain of random aliases. In practice, however, most modern resolvers will terminate the resolution after encountering several consecutive alias records.
Additionally, the module can respond with multiple alias records. The specific number of records created is based on the numerical value added to the domain name.
Category: Aliases
Tags: Amplification, Domain Lock-Up, Denial of Service
RFCs: RFC1034, RFC1035, RFC2672, RFC2782, RFC2915, RFC3761, RFC4408, RFC6672, RFC7208, RFC9460
Format
alias.<NUMBER>.yourdomain.com
Where:
- The
<NUMBER>
parameter defines how many aliases should be generated in the response.
Examples
By default, the module generates a single CNAME alias:
# dig alias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> alias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37338 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.yourdomain.com. IN A ;; ANSWER SECTION: alias.yourdomain.com. 60 IN CNAME alias54752.yourdomain.com. ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:31 +04 2024 ;; MSG SIZE rcvd: 77
Like other features, you can append anything to the feature name to avoid receiving cached responses from the target DNS resolver. This forces the target resolver to actively communicate with our PolarDNS server instead of responding with cached answers. Using a random number is the most effective strategy:
# dig alias${RANDOM}.yourdomain.com @10.211.55.2 ; <<>> DiG 9.18.10-2-Debian <<>> alias1467.yourdomain.com @10.211.55.2 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27306 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias1467.yourdomain.com. IN A ;; ANSWER SECTION: alias1467.yourdomain.com. 60 IN CNAME alias304698.yourdomain.com. ;; Query time: 4 msec ;; SERVER: 10.211.55.2#53(10.211.55.2) (UDP) ;; WHEN: Fri Nov 01 11:20:39 +04 2024 ;; MSG SIZE rcvd: 82
In this example, we explicitly request five CNAME alias records:
# dig CNAME alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> CNAME alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49874 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN CNAME ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN CNAME alias272095.5.yourdomain.com. alias.5.yourdomain.com. 60 IN CNAME alias450748.5.yourdomain.com. alias.5.yourdomain.com. 60 IN CNAME alias968735.5.yourdomain.com. alias.5.yourdomain.com. 60 IN CNAME alias509.5.yourdomain.com. alias.5.yourdomain.com. 60 IN CNAME alias705353.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:35 +04 2024 ;; MSG SIZE rcvd: 247
In this example, we request five DNAME alias records:
# dig DNAME alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> DNAME alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57507 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN DNAME ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN DNAME alias6171.5.yourdomain.com. alias.5.yourdomain.com. 60 IN DNAME alias332639.5.yourdomain.com. alias.5.yourdomain.com. 60 IN DNAME alias826490.5.yourdomain.com. alias.5.yourdomain.com. 60 IN DNAME alias794293.5.yourdomain.com. alias.5.yourdomain.com. 60 IN DNAME alias924157.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:37 +04 2024 ;; MSG SIZE rcvd: 248
In this example, we request five HTTPS alias records. Note that HTTPS records include SvcPriority field which is set to 0 for every record:
# dig HTTPS alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> HTTPS alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47393 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN HTTPS ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN HTTPS 0 alias732626.5.yourdomain.com. alias.5.yourdomain.com. 60 IN HTTPS 0 alias55279.5.yourdomain.com. alias.5.yourdomain.com. 60 IN HTTPS 0 alias64468.5.yourdomain.com. alias.5.yourdomain.com. 60 IN HTTPS 0 alias107380.5.yourdomain.com. alias.5.yourdomain.com. 60 IN HTTPS 0 alias48323.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:38 +04 2024 ;; MSG SIZE rcvd: 257
In this example, we request five SVCB alias records. Note that SVCB records include SvcPriority field which is set to 0 for every record:
# dig SVCB alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> SVCB alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13676 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN SVCB ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN SVCB 0 alias249629.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SVCB 0 alias935916.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SVCB 0 alias45911.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SVCB 0 alias439073.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SVCB 0 alias936.5.yourdomain.com. ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:39 +04 2024 ;; MSG SIZE rcvd: 256
In this example, we request five SRV alias records. Note that SRV records include fields for Priority, Weight, and Port number. In this module, both the Priority and Weight are set to 0, while the Port number is randomly assigned for each record:
# dig SRV alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> SRV alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61727 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN SRV ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN SRV 0 0 31514 alias192640.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SRV 0 0 5419 alias26044.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SRV 0 0 24657 alias650070.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SRV 0 0 53105 alias385473.5.yourdomain.com. alias.5.yourdomain.com. 60 IN SRV 0 0 14553 alias921545.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:40 +04 2024 ;; MSG SIZE rcvd: 279
In this example, we request five SPF alias records. Note that each SPF record is contained within a single TXT record in this case:
# dig TXT alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> TXT alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50138 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN TXT ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN TXT "v=spf1 include:alias96317.5.yourdomain.com ~all" alias.5.yourdomain.com. 60 IN TXT "v=spf1 include:alias845874.5.yourdomain.com ~all" alias.5.yourdomain.com. 60 IN TXT "v=spf1 include:alias912078.5.yourdomain.com ~all" alias.5.yourdomain.com. 60 IN TXT "v=spf1 include:alias771043.5.yourdomain.com ~all" alias.5.yourdomain.com. 60 IN TXT "v=spf1 include:alias161094.5.yourdomain.com ~all" ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:42 +04 2024 ;; MSG SIZE rcvd: 344
There is also a designated spfalias2 module which can fit multiple SPF aliases within a single TXT record.
In this example, we request five MX alias records. Note that MX records include Preference field which is set to 0 for every record:
# dig MX alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> MX alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4834 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN MX ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN MX 0 alias497465.5.yourdomain.com. alias.5.yourdomain.com. 60 IN MX 0 alias734659.5.yourdomain.com. alias.5.yourdomain.com. 60 IN MX 0 alias722603.5.yourdomain.com. alias.5.yourdomain.com. 60 IN MX 0 alias328306.5.yourdomain.com. alias.5.yourdomain.com. 60 IN MX 0 alias28466.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:43 +04 2024 ;; MSG SIZE rcvd: 259
In this example, we request five NS alias records:
# dig NS alias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> NS alias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59022 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;alias.5.yourdomain.com. IN NS ;; ANSWER SECTION: alias.5.yourdomain.com. 60 IN NS alias262604.5.yourdomain.com. alias.5.yourdomain.com. 60 IN NS alias703293.5.yourdomain.com. alias.5.yourdomain.com. 60 IN NS alias579565.5.yourdomain.com. alias.5.yourdomain.com. 60 IN NS alias99588.5.yourdomain.com. alias.5.yourdomain.com. 60 IN NS alias205106.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Fri Oct 18 11:39:44 +04 2024 ;; MSG SIZE rcvd: 249
From the same category
- CnAlias - Random CNAME Aliases
- DnAlias - Random DNAME Aliases
- HtAlias - Random HTTPS Aliases
- MxAlias - Random MX Aliases
- NptEnumAlias - Random NAPTR ENUM Aliases
- NsAlias - Random NS Aliases
- PtrAlias - Random PTR Aliases
- SpfAlias1 - Random SPF (TXT) Aliases (Variant 1)
- SpfAlias2 - Random SPF (TXT) Aliases (Variant 2)
- SrAlias - Random SRV Aliases
- SvAlias - Random SVCB Aliases