misp-warninglists icon indicating copy to clipboard operation
misp-warninglists copied to clipboard
verified publisher icon MISP

Why hard-coded nameservers in tools/generator.py?

Open hkelley opened this issue 2 years ago • 2 comments

Outbound DNS is blocked in my environment. I can make the following changes locally, but a), I'm wondering what the original design objective was and b) how to make this change so that I'm not having to merge my local version with the latest git version every time I update.

https://github.com/MISP/misp-warninglists/blob/e868e50c461b2e57c0c4306bad622bc7f658ce39/tools/generator.py#L180

def create_resolver() -> dns.resolver.Resolver:
    resolver = dns.resolver.Resolver() #(configure=False)
    resolver.timeout = 30
    resolver.lifetime = 30
    resolver.cache = dns.resolver.LRUCache()
    # resolver.nameservers = ["193.17.47.1", "185.43.135.1"]  # CZ.NIC nameservers
    return resolver

hkelley avatar Nov 23 '23 00:11 hkelley

The original design was to have a consistent output for the generation. We had issue that due to geo-based DNS, we had different records sets coming from different public resolver. Maybe we should improve the script to make it configurable?

adulau avatar Nov 29 '23 08:11 adulau

Yes, configurable (including the option to use the OS default resolver) would work for my scenario.

hkelley avatar Nov 29 '23 11:11 hkelley