i'm hearing reports of new DNS cache corruption
André Pirard
A.Pirard at ulg.ac.be
Sat Jul 3 22:48:44 UTC 1999
Paul Vixie <paul at vix.com> wrote:
>one person's caching name server had been told that www.networksolutions.com's
>"A" record was that of ICANN's web server.
>...
>if anyone who has a corrupted BIND server would dump its cache and send me the
>IP address that the corrupt A RR came from, i'd appreciate it (and i'll share
>it with CERT and the FBI.)
Here you are, for both www.networksolutions.com and www.nesol.com.
Jul 03 19:44 named_dump.db, all times GMT+2.
Also including "com" and "", dig at a time later than the cache.
Hoping this can help, supporting your search.
André.
$ORIGIN networksolutions.com.
www 100008 IN A 128.9.160.28 ;Cr=answer [195.8.99.11]
$ORIGIN NETSOL.com.
NS2 128197 IN A 207.159.77.19 ;NT=137 Cr=addtnl [195.8.99.11]
www 128197 IN A 209.196.47.124 ;Cr=answer [198.41.0.4]
NS 128197 IN A 198.41.0.196 ;Cr=addtnl [195.8.99.11]
com 477018 IN NS A.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS H.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS B.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS C.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS D.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS E.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS I.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS F.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS J.GTLD-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS K.GTLD-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
477018 IN NS F.GTLD-SERVERS.NET. ;Cr=addtnl [193.0.14.129]
86141 IN SOA A.ROOT-SERVERS.NET. hostmaster.INTERNIC.NET. (
1999070206 1800 900 604800 86400 ) ;Cr=addtnl [195.8.99.11]
. 508491 IN NS L.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS M.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS A.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS H.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS B.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS C.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS D.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS E.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS I.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS F.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS G.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS J.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
508491 IN NS K.ROOT-SERVERS.NET. ;Cr=auth [128.9.0.107]
86376 IN SOA A.ROOT-SERVERS.NET. hostmaster.INTERNIC.NET. (
1999070206 1800 900 604800 86400 ) ;Cr=addtnl [193.0.14.129]
; <<>> DiG 2.1 <<>> com ns
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; Ques: 1, Ans: 12, Auth: 0, Addit: 12
;; QUESTIONS:
;; com, type = NS, class = IN
;; ANSWERS:
com. 463100 NS C.ROOT-SERVERS.NET.
com. 463100 NS D.ROOT-SERVERS.NET.
com. 463100 NS E.ROOT-SERVERS.NET.
com. 463100 NS I.ROOT-SERVERS.NET.
com. 463100 NS F.ROOT-SERVERS.NET.
com. 463100 NS G.ROOT-SERVERS.NET.
com. 463100 NS J.GTLD-SERVERS.NET.
com. 463100 NS K.GTLD-SERVERS.NET.
com. 463100 NS F.GTLD-SERVERS.NET.
com. 463100 NS A.ROOT-SERVERS.NET.
com. 463100 NS H.ROOT-SERVERS.NET.
com. 463100 NS B.ROOT-SERVERS.NET.
;; ADDITIONAL RECORDS:
C.ROOT-SERVERS.NET. 599681 A 192.33.4.12
D.ROOT-SERVERS.NET. 599681 A 128.8.10.90
E.ROOT-SERVERS.NET. 599681 A 192.203.230.10
I.ROOT-SERVERS.NET. 599681 A 192.36.148.17
F.ROOT-SERVERS.NET. 599681 A 192.5.5.241
G.ROOT-SERVERS.NET. 599681 A 192.112.36.4
J.GTLD-SERVERS.NET. 512125 A 198.41.0.21
K.GTLD-SERVERS.NET. 512125 A 195.8.99.11
F.GTLD-SERVERS.NET. 512125 A 207.159.77.18
A.ROOT-SERVERS.NET. 599681 A 198.41.0.4
H.ROOT-SERVERS.NET. 599681 A 128.63.2.53
B.ROOT-SERVERS.NET. 599681 A 128.9.0.107
;; Total query time: 46 msec
;; FROM: aix1.segi.ulg.ac.be to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jul 3 23:44:39 1999
;; MSG SIZE sent: 21 rcvd: 434
; <<>> DiG 2.1 <<>> . ns
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; Ques: 1, Ans: 13, Auth: 0, Addit: 13
;; QUESTIONS:
;; ., type = NS, class = IN
;; ANSWERS:
. 513213 NS A.ROOT-SERVERS.NET.
. 513213 NS H.ROOT-SERVERS.NET.
. 513213 NS B.ROOT-SERVERS.NET.
. 513213 NS C.ROOT-SERVERS.NET.
. 513213 NS D.ROOT-SERVERS.NET.
. 513213 NS E.ROOT-SERVERS.NET.
. 513213 NS I.ROOT-SERVERS.NET.
. 513213 NS F.ROOT-SERVERS.NET.
. 513213 NS G.ROOT-SERVERS.NET.
. 513213 NS J.ROOT-SERVERS.NET.
. 513213 NS K.ROOT-SERVERS.NET.
. 513213 NS L.ROOT-SERVERS.NET.
. 513213 NS M.ROOT-SERVERS.NET.
;; ADDITIONAL RECORDS:
A.ROOT-SERVERS.NET. 599613 A 198.41.0.4
H.ROOT-SERVERS.NET. 599613 A 128.63.2.53
B.ROOT-SERVERS.NET. 599613 A 128.9.0.107
C.ROOT-SERVERS.NET. 599613 A 192.33.4.12
D.ROOT-SERVERS.NET. 599613 A 128.8.10.90
E.ROOT-SERVERS.NET. 599613 A 192.203.230.10
I.ROOT-SERVERS.NET. 599613 A 192.36.148.17
F.ROOT-SERVERS.NET. 599613 A 192.5.5.241
G.ROOT-SERVERS.NET. 599613 A 192.112.36.4
J.ROOT-SERVERS.NET. 599613 A 198.41.0.10
K.ROOT-SERVERS.NET. 599613 A 193.0.14.129
L.ROOT-SERVERS.NET. 599613 A 198.32.64.12
M.ROOT-SERVERS.NET. 599613 A 202.12.27.33
;; Total query time: 42 msec
;; FROM: aix1.segi.ulg.ac.be to SERVER: default -- 127.0.0.1
;; WHEN: Sat Jul 3 23:45:47 1999
;; MSG SIZE sent: 17 rcvd: 436
André PIRARD ULgNet Coordinator, Adm. & Support
SEGI - Université de Liège IP: 139.165.0.0 - ulg.ac.be
B26 - Sart Tilman www.ulg.ac.be
B-4000 Liège 1 (Belgium)
A.Pirard at ulg.ac.be +32-4-3664932 Fax: 2920
More information about the bind-users
mailing list