[dns-operations] about NXDOMAIN under the TLD .ws
support at cloudwebdns.com
support at cloudwebdns.com
Tue Mar 22 09:00:04 UTC 2016
Google DNS has no error. But the ws domain's authorized nameserver has
hijacked the domain IMO.
$ idig thisdomainshouldnotexist.ws @ns2.dns.ws
thisdomainshouldnotexist.ws. 300 IN A 64.70.19.202
> Why .ws don’t reply NXDOMAIN for non-existent domains, but return a
> valid A record which rdata is 64.70.19.202?
>
> An example:
>
> [zhangzaifeng at ip-10-0-0-195 ~]$ dig thisdomainshouldnotexist.ws
> @8.8.8.8
>
> ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.3 <<>>
> thisdomainshouldnotexist.ws @8.8.8.8
>
> ;; global options: +cmd
>
> ;; Got answer:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28528
>
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
>
> ;thisdomainshouldnotexist.ws. IN A
>
> ;; ANSWER SECTION:
>
> thisdomainshouldnotexist.ws. 299 IN A 64.70.19.202
>
> ;; Query time: 312 msec
>
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
>
> ;; WHEN: Tue Mar 22 04:38:12 2016
>
> ;; MSG SIZE rcvd: 61
>
> --------
>
> Zhang Zaifeng
>
> Network Security Research Lab, QIHOO 360
>
> Email: zhangzaifeng at 360.cn
>
> Phone: +86 13520348533
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
More information about the dns-operations
mailing list