[dns-operations] about NXDOMAIN under the TLD .ws

support at cloudwebdns.com support at cloudwebdns.com
Tue Mar 22 09:00:04 UTC 2016


Google DNS has no error. But the ws domain's authorized nameserver has 
hijacked the domain IMO.

$ idig thisdomainshouldnotexist.ws @ns2.dns.ws
thisdomainshouldnotexist.ws. 300 IN	A	64.70.19.202



> Why .ws don’t reply NXDOMAIN for non-existent domains, but return a
> valid A record which rdata is 64.70.19.202?
> 
> An example:
> 
> [zhangzaifeng at ip-10-0-0-195 ~]$ dig thisdomainshouldnotexist.ws
> @8.8.8.8
> 
> ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.3 <<>>
> thisdomainshouldnotexist.ws @8.8.8.8
> 
> ;; global options: +cmd
> 
> ;; Got answer:
> 
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28528
> 
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> 
> ;thisdomainshouldnotexist.ws. IN A
> 
> ;; ANSWER SECTION:
> 
> thisdomainshouldnotexist.ws. 299 IN A 64.70.19.202
> 
> ;; Query time: 312 msec
> 
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> 
> ;; WHEN: Tue Mar 22 04:38:12 2016
> 
> ;; MSG SIZE rcvd: 61
> 
> --------
> 
> Zhang Zaifeng
> 
> Network Security Research Lab, QIHOO 360
> 
> Email: zhangzaifeng at 360.cn
> 
> Phone: +86 13520348533
> 
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs




More information about the dns-operations mailing list