North Korean DNS Leak reveals North Korean websites

One of North Korea’s top level DNS servers was mis-configured today (20th September 2016) accidentally allowing global DNS zone transfers. This allowed anyone who makes a zone transfer request (AXFR) to retrieve a copy of the nation’s top level DNS data.

The TLDR project attempts zone transfers against all top level domain (TLD) nameservers every two hours and keep a running Github repo with the resulting data for historical purposes. https://github.com/mandatoryprogrammer/TLDR

This data showed there are 28 domains configured inside North Korea, here is the list:

airkoryo.com.kp
cooks.org.kp
friend.com.kp
gnu.rep.kp
kass.org.kp
kcna.kp
kiyctc.com.kp
knic.com.kp
koredufund.org.kp
korelcfund.org.kp
korfilm.com.kp
ma.gov.kp
masikryong.com.kp
naenara.com.kp
nta.gov.kp
portal.net.kp
rcc.net.kp
rep.kp
rodong.rep.kp
ryongnamsan.edu.kp
sdprk.org.kp
silibank.net.kp
star-co.net.kp
star-di.net.kp
star.co.kp
star.edu.kp
star.net.kp
vok.rep.kp

One thought on “North Korean DNS Leak reveals North Korean websites”

Leave a Reply

Your email address will not be published. Required fields are marked *