Claiming Authority for root

David Mitchell davem at fdgroup.co.uk
Thu Jun 29 17:12:22 UTC 2000


> I would like to get people's opinions about setting up a server that
> thinks it is authoritative for the "." domain.
> 
[ snip ]
> 
> When a reply is given, my name server claims authority for the (root)
> domain.  Will other name servers on the internet see this information
> and start asking me for all of it's root requests?
> 
> We will probably have a * entry in that "." domain, so basically, if
> other machines on the internet start thinking that my server is a root
> server then I could effectively hijack the internet to my * entry....
> This would not be a good thing!

Dont do this!

Someone did a similar thing with the .org.uk domain a while ago.
Lots of NT name servers (sigh!) decided that this rouge site was clearly
authoritative for all .org.uk sites. Worse, the wildcard A record
they had meant that looking up www.anything.org.uk resolved to one
of their web servers.
I presume that BIND is better at ranking additonal data info etc, but
unfortuantely not everyone uses it.




More information about the bind-users mailing list