[dns-operations] .COM and root authority claims seen in ISC SIE just now

Mark Andrews Mark_Andrews at isc.org
Tue Nov 20 10:38:41 UTC 2007

> On Mon, Nov 19, 2007 at 11:27:51AM -0800,
>  Duane Wessels <wessels at packet-pushers.com> wrote 
>  a message of 21 lines which said:
> > I'm sure that most of these (and the the
> > claim-to-be-authoritative-for-com ones) are due to lazy foks with
> > more domains than clue.  They can't be bothered to make a separate
> > zone (file) for each domain they have, so it all goes into one big
> > root-zone-of-lies.
> Could it be for performance reasons (and not just for cluenessness)? I
> assume that, with BIND, loading one big zone-of-lies is much faster
> than loading the N real zones? And it has no big consequences since
> noone will ask this server for zones for which it is not
> authoritative, anyway.

	Except that the NS records are returns as is the SOA record
	with negative responses.  This is attempted cache poisioning.

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list