cname quick question
Jim Reid
jim at rfc1035.com
Fri Mar 9 00:20:58 UTC 2001
>>>>> "Brad" == Brad Knowles <brad.knowles at skynet.be> writes:
Brad> To me, this has all the smells of a lame delegation,
Brad> but as you point out, is not. So, I guess the real question
Brad> is -- how would you programatically detect a true lame
Brad> delegation, and not have your detector set off by this false
Brad> positive? Maybe you only do it by IP address and not by the
Brad> host/domain label?
Well I would have thought the tool should just do the Right Thing:
resolve the NS targets, complain if it finds CNAMEs or query the
resulting A/AAAA/A6 record(s) for authoritative answers.
Brad> Hmm. I guess someone is going to have to write a
Brad> paper on DNS nameserver fingerprinting, starting with the
Brad> sort of work previously done on OS fingerprinting using
Brad> TCP/IP.
Maybe Bill Manning could comment on the methodology he uses for his
quarterly in-addr.arpa survey?
Brad> Oops, I missed that. Speaking of unusual return
Brad> codes, what is "VRSN1" in the return codes for this query on
Brad> all of the *.gtld-servers.net machines?
It's not a return code. VRSN1 is the answer the VeriSign/NSI name
servers give when asked for a Chaosnet TXT record for version.bind.
You'd have to ask the .com folks why they do that. I don't know or
care.
More information about the bind-users
mailing list