[dns-operations] .COM and root authority claims seen in ISC SIE just now
Mark Andrews
Mark_Andrews at isc.org
Tue Nov 20 10:38:41 UTC 2007
> On Mon, Nov 19, 2007 at 11:27:51AM -0800,
> Duane Wessels <wessels at packet-pushers.com> wrote
> a message of 21 lines which said:
>
> > I'm sure that most of these (and the the
> > claim-to-be-authoritative-for-com ones) are due to lazy foks with
> > more domains than clue. They can't be bothered to make a separate
> > zone (file) for each domain they have, so it all goes into one big
> > root-zone-of-lies.
>
> Could it be for performance reasons (and not just for cluenessness)? I
> assume that, with BIND, loading one big zone-of-lies is much faster
> than loading the N real zones? And it has no big consequences since
> noone will ask this server for zones for which it is not
> authoritative, anyway.
Except that the NS records are returns as is the SOA record
with negative responses. This is attempted cache poisioning.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations
mailing list