Full Disclosure mailing list archives
Re: Question for DNS pros
From: Steve <fulld-nospam () braingia org>
Date: Sat, 24 Jul 2004 08:58:12 -0500
On Sat, Jul 24, 2004 at 12:58:42AM -0500, Paul Schmehl wrote:
i think your isp should have this infoUmm..did you look at my address? We own a class B. We don't have an ISP.
Agreed. Even if you did have an ISP, I don't see any reason why they would have this information.
Not if the "other" DNS server is working. You're required to register two nameservers; a primary and a secondary. You only need one to answer queries. If a guy registered a domain and used *his* box for the primary and just grabbed a random IP to register as a "secondary", why would he care of the secondary didn't work?
A solution or, well, a possible way to make the problem solve itself, is to start answering queries for the domain that's pointing to you, except answer them incorrectly. Another poster had pointed out that you could answer the queries by pointing to 127.0.0.1 and that might be a solution. The person who registered the domain pointing to your address may eventually get sick of having some queries answered incorrectly for their domain and switch it. It may also be a violation of a registrar's terms of service to point to DNS servers that aren't actually authoritative for the zone but I wouldn't count on this actually paying dividends. When we had the same problem a number of years ago, the registrar (verisign) said that we needed to take it up with the domain owner. It didn't matter that we explained that the domain owner was unresponsive. These policies may have changed since I last tried but I wouldn't count on it. I would first try to contact the domain owner to see if they pointed to the IP by mistake and politely ask them to change it. If they didn't respond, I might contact them again telling them that I'm about to start answering queries for that domain with whatever I wanted. If, after those attempts nothing changed, I would implement the DNS server on the IP in question and start answering for it.
You're misunderstanding the problem. The problem is, we want to make sure our IPs aren't being used by someone else, even inadvertantly.
I don't believe that you're ever going to be completely successful in this. It's like saying that you never want someone to sign up for a mailing list with your physical (real-world) address. You can't control someone using your physical address and having their mail sent there. You can, however, prevent them from retrieving their mail by getting to your mailbox first. :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Question for DNS pros Paul Schmehl (Jul 23)
- Enumerating a DNS servers authoritative zones (was Question for DNS pros) Bennett Todd (Jul 23)
- Re: Enumerating a DNS servers authoritative zones (was Question for DNS pros) Paul Schmehl (Jul 23)
- Re: Question for DNS pros Dennis Opacki (Jul 23)
- Re: Question for DNS pros VX Dude (Jul 23)
- Re: Question for DNS pros Oliver () greyhat de (Jul 23)
- Re: Question for DNS pros Paul Schmehl (Jul 23)
- Re: Question for DNS pros ALD, [ Aditya Lalit Deshmukh ] (Jul 23)
- Re: Question for DNS pros Paul Schmehl (Jul 23)
- Re: Question for DNS pros Steve (Jul 25)
- Re: Question for DNS pros Oliver () greyhat de (Jul 23)
- Re: Question for DNS pros Cyril Guibourg (Jul 23)
- Re: Question for DNS pros Nick FitzGerald (Jul 24)
- Re: Question for DNS pros Dave Yingling (Jul 25)
- Enumerating a DNS servers authoritative zones (was Question for DNS pros) Bennett Todd (Jul 23)
- Re: Question for DNS pros Steffen Schumacher (Jul 25)
- <Possible follow-ups>
- FW: Question for DNS pros Suzi and Harold VanPatten (Jul 25)
- Re: FW: Question for DNS pros Paul Schmehl (Jul 24)
- Re: FW: Question for DNS pros Paul Rolland (Jul 25)
- Re: FW: Question for DNS pros Paul Schmehl (Jul 25)
- Re: FW: Question for DNS pros Paul Schmehl (Jul 24)