HtAlias - Random HTTPS Aliases
This module is designed to return one or more random aliases using HTTPS (HyperText Transfer Protocol Secure) records.
It specifically generates a random HTTPS alias record in the format htalias######.yourdomain.com, where ###### represents a random number.
The idea is that if the client/resolver decides to resolve this further, it will result in the generation of yet another alias, theoretically leading to a resolution of infinite chain of random aliases. In practice, however, most modern resolvers will terminate the resolution after encountering several consecutive alias records.
Note that this feature provides the same functionality as requesting the HTTPS record for the generic alias feature. Responding with multiple records (aliases) in a single response is also supported.
Category: Aliases
Tags: Amplification, Domain Lock-Up, Denial of Service
RFCs: RFC9460
Format
htalias.<NUMBER>.yourdomain.com
Where:
- The
<NUMBER>parameter defines how many aliases should be generated in the response.
Examples
By default, it returns a single HTTPS alias:
# dig htalias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> htalias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13443 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;htalias.yourdomain.com. IN A ;; ANSWER SECTION: htalias.yourdomain.com. 60 IN HTTPS 0 htalias124327.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Oct 16 09:37:05 +04 2024 ;; MSG SIZE rcvd: 84
Same example as above, but this time we explicitly specify that we want to receive a single HTTPS record:
# dig htalias.1.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> htalias.1.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41170 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;htalias.1.yourdomain.com. IN A ;; ANSWER SECTION: htalias.1.yourdomain.com. 60 IN HTTPS 0 htalias905146.1.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Oct 16 09:37:06 +04 2024 ;; MSG SIZE rcvd: 88
In this case, we specify that we want to receive five HTTPS aliases:
# dig htalias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> htalias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35869 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;htalias.5.yourdomain.com. IN A ;; ANSWER SECTION: htalias.5.yourdomain.com. 60 IN HTTPS 0 htalias608782.5.yourdomain.com. htalias.5.yourdomain.com. 60 IN HTTPS 0 htalias896745.5.yourdomain.com. htalias.5.yourdomain.com. 60 IN HTTPS 0 htalias697672.5.yourdomain.com. htalias.5.yourdomain.com. 60 IN HTTPS 0 htalias418349.5.yourdomain.com. htalias.5.yourdomain.com. 60 IN HTTPS 0 htalias9748.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Oct 16 09:37:07 +04 2024 ;; MSG SIZE rcvd: 270
From the same category
- Alias - Random Aliases
- CnAlias - Random CNAME Aliases
- DnAlias - Random DNAME Aliases
- MxAlias - Random MX Aliases
- NptEnumAlias - Random NAPTR ENUM Aliases
- NsAlias - Random NS Aliases
- PtrAlias - Random PTR Aliases
- SpfAlias1 - Random SPF (TXT) Aliases (Variant 1)
- SpfAlias2 - Random SPF (TXT) Aliases (Variant 2)
- SrAlias - Random SRV Aliases
- SvAlias - Random SVCB Aliases