Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Question for DNS pros
From: Steve <fulld-nospam () braingia org>
Date: Sat, 24 Jul 2004 08:58:12 -0500

On Sat, Jul 24, 2004 at 12:58:42AM -0500, Paul Schmehl wrote:
i think your isp should have this info

Umm..did you look at my address?  We own a class B.  We don't have an 

Agreed.  Even if you did have an ISP, I don't see any reason why they 
would have this information.

Not if the "other" DNS server is working.  You're required to register two 
nameservers; a primary and a secondary.  You only need one to answer 
queries.  If a guy registered a domain and used *his* box for the primary 
and just grabbed a random IP to register as a "secondary", why would he 
care of the secondary didn't work?

A solution or, well, a possible way to make the problem solve itself, is
to start answering queries for the domain that's pointing to you, except
answer them incorrectly.  Another poster had pointed out that you could
answer the queries by pointing to and that might be a
solution.  The person who registered the domain pointing to your address
may eventually get sick of having some queries answered incorrectly for
their domain and switch it.

It may also be a violation of a registrar's terms of service to point to
DNS servers that aren't actually authoritative for the zone but I
wouldn't count on this actually paying dividends.  When we had the same
problem a number of years ago, the registrar (verisign) said that we
needed to take it up with the domain owner.  It didn't matter that we
explained that the domain owner was unresponsive.  These policies may 
have changed since I last tried but I wouldn't count on it.

I would first try to contact the domain owner to see if they pointed to 
the IP by mistake and politely ask them to change it.  If they didn't 
respond, I might contact them again telling them that I'm about to start 
answering queries for that domain with whatever I wanted.  If, after 
those attempts nothing changed, I would implement the DNS server on the 
IP in question and start answering for it.

You're misunderstanding the problem.  The problem is, we want to make sure 
our IPs aren't being used by someone else, even inadvertantly.

I don't believe that you're ever going to be completely successful in
this.  It's like saying that you never want someone to sign up for a
mailing list with your physical (real-world) address.  You can't control
someone using your physical address and having their mail sent there. 
You can, however, prevent them from retrieving their mail by getting to
your mailbox first.  :)

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]