SvAlias - Random SVCB Aliases
This module is designed to return one or more random aliases using SVCB (Service Binding) records.
It specifically generates a random SVCB alias record in the format svalias######.yourdomain.com
, where ######
represents a random number.
The idea is that if the client/resolver decides to resolve this further, it will result in the generation of yet another alias, theoretically leading to a resolution of infinite chain of random aliases. In practice, however, most modern resolvers will terminate the resolution after encountering several consecutive alias records.
Additionally, the module supports DNS queries for locating different services using the underscore (_) prefix notation, also known as Attrleaf naming pattern, service labels, or underscore labels (RFC8552, RFC8553).
Note that this module provides the same functionality as requesting the SVCB record for the generic alias module.
Category: Aliases
Tags: Amplification, Domain Lock-Up, Denial of Service
RFCs: RFC9460, RFC8552, RFC8553
Format
svalias.<NUMBER>.yourdomain.com
Where:
- The
<NUMBER>
parameter defines how many aliases should be generated in the response.
Examples
By default, the module returns a single SVCB alias record (with SvcPriority set to 0):
# dig svalias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> svalias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36109 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;svalias.yourdomain.com. IN A ;; ANSWER SECTION: svalias.yourdomain.com. 60 IN SVCB 0 svalias245011.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:33:59 +04 2024 ;; MSG SIZE rcvd: 84
Same example as above, but this time we explicitly specify that we want to receive a single SVCB record:
# dig svalias.1.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> svalias.1.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35041 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;svalias.1.yourdomain.com. IN A ;; ANSWER SECTION: svalias.1.yourdomain.com. 60 IN SVCB 0 svalias689763.1.yourdomain.com. ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:00 +04 2024 ;; MSG SIZE rcvd: 88
In this case, we specify that we want to receive 5 (five) SVCB alias records:
# dig svalias.5.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> svalias.5.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 794 ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;svalias.5.yourdomain.com. IN A ;; ANSWER SECTION: svalias.5.yourdomain.com. 60 IN SVCB 0 svalias175584.5.yourdomain.com. svalias.5.yourdomain.com. 60 IN SVCB 0 svalias670081.5.yourdomain.com. svalias.5.yourdomain.com. 60 IN SVCB 0 svalias709467.5.yourdomain.com. svalias.5.yourdomain.com. 60 IN SVCB 0 svalias534655.5.yourdomain.com. svalias.5.yourdomain.com. 60 IN SVCB 0 svalias197848.5.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:01 +04 2024 ;; MSG SIZE rcvd: 272
As mentioned in the description, this module also supports DNS queries for locating different services using the underscore (_) prefix notation. In this example, we search for SIP (Session Initiation Protocol) service, and we request to receive a single SVCB alias record:
# dig _sip.svalias.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _sip.svalias.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26281 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_sip.svalias.yourdomain.com. IN A ;; ANSWER SECTION: _sip.svalias.yourdomain.com. 60 IN SVCB 0 _sip.svalias380835.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:03 +04 2024 ;; MSG SIZE rcvd: 94
Here, we search for SIP service running over UDP, and we want to receive 2 (two) SVCB alias records:
# dig _sip._udp.svalias.2.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _sip._udp.svalias.2.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22396 ;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_sip._udp.svalias.2.yourdomain.com. IN A ;; ANSWER SECTION: _sip._udp.svalias.2.yourdomain.com. 60 IN SVCB 0 _sip._udp.svalias68871.2.yourdomain.com. _sip._udp.svalias.2.yourdomain.com. 60 IN SVCB 0 _sip._udp.svalias58558.2.yourdomain.com. ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:04 +04 2024 ;; MSG SIZE rcvd: 162
Here, we search for HTTP service running over TCP, and we request to receive 10 (ten) SVCB alias records:
# dig _http._tcp.svalias.10.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _http._tcp.svalias.10.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27173 ;; flags: qr aa; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_http._tcp.svalias.10.yourdomain.com. IN A ;; ANSWER SECTION: _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias774366.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias88586.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias229026.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias993449.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias635189.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias725211.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias974324.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias229791.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias498227.10.yourdomain.com. _http._tcp.svalias.10.yourdomain.com. 60 IN SVCB 0 _http._tcp.svalias862743.10.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:05 +04 2024 ;; MSG SIZE rcvd: 633
Here, we search for HTTP service specifically designed for mobile devices, running over TCP. We request 20 (twenty) SVCB alias records in the response:
# dig _mobile._http._tcp.svalias.20.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> _mobile._http._tcp.svalias.20.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64946 ;; flags: qr aa; QUERY: 1, ANSWER: 20, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;_mobile._http._tcp.svalias.20.yourdomain.com. IN A ;; ANSWER SECTION: _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias811997.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias517921.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias587035.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias138536.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias549532.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias954047.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias193364.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias11198.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias43082.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias60358.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias234123.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias302443.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias867824.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias529761.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias826335.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias219670.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias48921.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias369726.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias185492.20.yourdomain.com. _mobile._http._tcp.svalias.20.yourdomain.com. 60 IN SVCB 0 _mobile._http._tcp.svalias986029.20.yourdomain.com. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Mon Nov 04 16:34:06 +04 2024 ;; MSG SIZE rcvd: 1378
From the same category
- Alias - Random Aliases
- CnAlias - Random CNAME Aliases
- DnAlias - Random DNAME Aliases
- HtAlias - Random HTTPS Aliases
- MxAlias - Random MX Aliases
- NptEnumAlias - Random NAPTR ENUM Aliases
- NsAlias - Random NS Aliases
- PtrAlias - Random PTR Aliases
- SpfAlias1 - Random SPF (TXT) Aliases (Variant 1)
- SpfAlias2 - Random SPF (TXT) Aliases (Variant 2)
- SrAlias - Random SRV Aliases