Use of DNS servers
Kevin Darcy
kcd at daimlerchrysler.com
Thu Jun 28 23:20:53 UTC 2001
Brad Knowles wrote:
> At 11:31 AM -0400 6/28/01, Forrest Aldrich wrote:
>
> > So, before we draw conclusions about this usage, I'm wondering if someone
> > can shed some light on how this might occur, and perhaps what other people
> > have done about it.
>
> Some people out there actively search for nameservers owned by
> other people that will answer their recursive queries. They use this
> information for a variety of things, some of them use it to help them
> break into the sites in question.
Believe it or not, I think some moochers actually use other people's
openly-recursive nameservers to *host* their domains! Here's how I think they
work it: register an example.com domain, delegating to www.example.com (which
doesn't serve DNS) and a bunch of open-recursion nameservers. Since the glue
record for www.example.com then exists in the TLD servers, any recursive server
should be able to resolve that name. Voila! www.example.com is on the air and you
don't even need to pony up a nameserver to host it. Of course, you have to poke
those recursive nameservers periodically with queries to make sure they
*always* have www.example.com in their caches. And if any of them finally get
around to restricting recursion, you have to find some other open-recursion
sucker and replace the delegation record with that one instead.
I mean, how cheap and sleazy can you get? Especially since many registrars
nowadays will throw in DNS hosting (only for small domains, presumably) along
with the price of registration...
- Kevin
More information about the bind-users
mailing list