[dns-operations] A report on a DNS issue that was causing page redirections
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Aug 13 07:38:33 UTC 2014
On Tue, Aug 12, 2014 at 06:59:37PM +0200,
Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote
a message of 14 lines which said:
> The author says "your domain name registrar can introduce an error to
> the root domain database and match your domain to an incorrect DNS
> servers (this actually happened earlier in history of some domain
> registrars)" but my human memory cannot find an actual documented
> case. Anyone can mention one or was it just speculation?
One case mentioned by Tony which is not exactly that, but close:
http://news.netcraft.com/archives/2005/01/18/lapse_at_melbourne_it_enabled_panixcom_hijacking.html
One mentioned in ANSSI's guide on DNS:
http://blogs.cisco.com/security/hijacking-of-dns-records-from-network-solutions/
[If you take Network Solutions' words literally...]
> DNSSEC would have mitigated the problem if the domain had been
> properly managed, which was apparently not the case.
Someone asked me to be more precise: if the DNS hoster does both the
provisioning (including the signing) and the publication on its DNS
servers, then, DNSSEC would not help (GIGO). But if the user does the
provisioning / signing, and relies on the DNS hoster just for
publication (the user being just a stealth master), DNSSEC would
protect against blunders by the DNS hoster.
More information about the dns-operations
mailing list