SrAlias - Random SRV Aliases
This module is designed to return one or more random aliases using SRV (Service Locator) records.
It specifically generates a random SRV alias record in the format sralias######.yourdomain.com
, where ######
represents a random number.
The idea is that if the client/resolver decides to resolve this further, it will result in the generation of yet another alias, theoretically leading to a resolution of infinite chain of random aliases. In practice, however, most modern resolvers will terminate the resolution after encountering several consecutive alias records.
Note that SRV records include fields for Priority, Weight, and Port number. In this module, both the Priority and Weight are set to 0, while the Port number is randomly generated for each record.
Additionally, the module supports DNS queries for locating different services using the underscore (_) prefix notation, also known as Attrleaf naming pattern, service labels, or underscore labels (RFC8552, RFC8553).
Note that this feature provides the same functionality as requesting the SRV record for the generic alias feature. Responding with multiple records (aliases) in a single response is also supported.
Category: Aliases
Tags: Amplification, Domain Lock-Up, Denial of Service
RFCs: RFC2782, RFC8552, RFC8553
Format
sralias.<NUMBER>.yourdomain.com
Where:
- The
<NUMBER>
parameter defines how many aliases should be generated in the response.
Examples
By default, the module generates a single SRV alias record response:
# dig sralias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> sralias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55148 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;sralias.yourdomain.com. IN A ;; ANSWER SECTION: sralias.yourdomain.com. 60 IN SRV 0 0 12785 sralias237013.yourdomain.com. ;; Query time: 8 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:50 +04 2024 ;; MSG SIZE rcvd: 88
Same example as above, but this time we explicitly specify that we want to receive a single SRV record:
# dig sralias.1.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> sralias.1.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3876 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;sralias.1.yourdomain.com. IN A ;; ANSWER SECTION: sralias.1.yourdomain.com. 60 IN SRV 0 0 65279 sralias559423.1.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:51 +04 2024 ;; MSG SIZE rcvd: 92
In this case, we specify that we want to receive 5 (five) SRV alias records:
# dig sralias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> sralias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 463 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;sralias.5.yourdomain.com. IN A ;; ANSWER SECTION: sralias.5.yourdomain.com. 60 IN SRV 0 0 34653 sralias372165.5.yourdomain.com. sralias.5.yourdomain.com. 60 IN SRV 0 0 4052 sralias522984.5.yourdomain.com. sralias.5.yourdomain.com. 60 IN SRV 0 0 3146 sralias946479.5.yourdomain.com. sralias.5.yourdomain.com. 60 IN SRV 0 0 7766 sralias980568.5.yourdomain.com. sralias.5.yourdomain.com. 60 IN SRV 0 0 61131 sralias874557.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:52 +04 2024 ;; MSG SIZE rcvd: 292
As mentioned in the description, this module also supports DNS queries for locating different services using the underscore (_) prefix notation. In this example, we search for SIP (Session Initiation Protocol) service. We request to receive a single SRV alias record:
# dig _sip.sralias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _sip.sralias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10019 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_sip.sralias.yourdomain.com. IN A ;; ANSWER SECTION: _sip.sralias.yourdomain.com. 60 IN SRV 0 0 28717 _sip.sralias171721.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:53 +04 2024 ;; MSG SIZE rcvd: 98
Here, we search for SIP service running over UDP, and we want to receive 2 (two) SRV alias records:
# dig _sip._udp.sralias.2.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _sip._udp.sralias.2.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8670 ;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_sip._udp.sralias.2.yourdomain.com. IN A ;; ANSWER SECTION: _sip._udp.sralias.2.yourdomain.com. 60 IN SRV 0 0 43511 _sip._udp.sralias9688.2.yourdomain.com. _sip._udp.sralias.2.yourdomain.com. 60 IN SRV 0 0 20036 _sip._udp.sralias665035.2.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:55 +04 2024 ;; MSG SIZE rcvd: 170
Here, we search for HTTP service running over TCP, and we request to receive 10 (ten) SRV alias records:
# dig _http._tcp.sralias.10.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _http._tcp.sralias.10.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49092 ;; flags: qr aa; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_http._tcp.sralias.10.yourdomain.com. IN A ;; ANSWER SECTION: _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 23984 _http._tcp.sralias689810.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 39813 _http._tcp.sralias81361.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 20733 _http._tcp.sralias111805.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 25411 _http._tcp.sralias47729.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 63569 _http._tcp.sralias897908.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 26123 _http._tcp.sralias504775.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 41679 _http._tcp.sralias304112.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 43984 _http._tcp.sralias485224.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 6175 _http._tcp.sralias861822.10.yourdomain.com. _http._tcp.sralias.10.yourdomain.com. 60 IN SRV 0 0 53547 _http._tcp.sralias464711.10.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:26:11 +04 2024 ;; MSG SIZE rcvd: 672
Here, we search for HTTP service specifically designed for mobile devices, running over TCP. We request to receive 20 (twenty) SRV alias records in the response:
# dig _mobile._http._tcp.sralias.20.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _mobile._http._tcp.sralias.20.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27498 ;; flags: qr aa; QUERY: 1, ANSWER: 20, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_mobile._http._tcp.sralias.20.yourdomain.com. IN A ;; ANSWER SECTION: _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 29908 _mobile._http._tcp.sralias237924.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 9189 _mobile._http._tcp.sralias511437.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 20000 _mobile._http._tcp.sralias174573.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 31015 _mobile._http._tcp.sralias19560.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 59681 _mobile._http._tcp.sralias780263.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 59820 _mobile._http._tcp.sralias95541.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 27968 _mobile._http._tcp.sralias573896.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 28448 _mobile._http._tcp.sralias134844.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 54512 _mobile._http._tcp.sralias874006.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 25068 _mobile._http._tcp.sralias310237.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 47832 _mobile._http._tcp.sralias857360.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 24026 _mobile._http._tcp.sralias441198.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 17 _mobile._http._tcp.sralias522016.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 37208 _mobile._http._tcp.sralias300003.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 55777 _mobile._http._tcp.sralias157189.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 14640 _mobile._http._tcp.sralias488501.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 16731 _mobile._http._tcp.sralias498508.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 19746 _mobile._http._tcp.sralias422135.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 14496 _mobile._http._tcp.sralias814941.20.yourdomain.com. _mobile._http._tcp.sralias.20.yourdomain.com. 60 IN SRV 0 0 52586 _mobile._http._tcp.sralias681808.20.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:25:57 +04 2024 ;; MSG SIZE rcvd: 1460
From the same category
- Alias - Random Aliases
- CnAlias - Random CNAME Aliases
- DnAlias - Random DNAME Aliases
- HtAlias - Random HTTPS Aliases
- MxAlias - Random MX Aliases
- NptEnumAlias - Random NAPTR ENUM Aliases
- NsAlias - Random NS Aliases
- PtrAlias - Random PTR Aliases
- SpfAlias1 - Random SPF (TXT) Aliases (Variant 1)
- SpfAlias2 - Random SPF (TXT) Aliases (Variant 2)
- SvAlias - Random SVCB Aliases