A bit of a crazy question...

Kevin Darcy kcd at daimlerchrysler.com
Tue May 29 22:37:08 UTC 2001


The namespace is delegated hierarchically. Unless the .org nameservers delegate
slashdot.org to your nameserver, then under normal circumstances no other
nameserver will ask yours about names in slashdot.org and therefore won't have
a chance to get confused or spoofed. Defining slashdot.org on your nameserver
therefore does little more than blind your own clients to the real slashdot.org
domain. If you want to shoot yourself in the foot like that, go ahead...

What *does* sometimes cause problems, however, is when a nameserver is
delegated something like example.com along with other domains, but the
maintainers are lazy and they put everything into a local ".com" zone. Then
that nameserver claims authority for all of .com in its response for
example.com. If other nameservers believe that (bogus) claim of authority, then
those nameservers will start to use the example.com nameserver *exclusively*
for *all* .com names, and thus become blinded to all of the .com domains that
the example.com nameserver *doesn't* know about (since obviously it couldn't
and/or wouldn't want to serve a mirror copy of the *entire* .com zone). When
folks pull that crap, they need to be forced into compliance. Threatening to
get their domain registration(s) revoked usually does the trick.


- Kevin

Himal Mandalia wrote:

> I'm thinking of setting up a name server on my linux box for educational
> purposes. I've got my hands on a lot of documentation, so that's fine, but
> there's one thing I haven't found an answer to:
>
> If I set up the dns server on the internet (just through dialup) and map an
> existing domain name (i.e., slashdot.org) to my setup, will that cause
> problems on the internet? I have no intention of doing this if it will be
> problematic to anyone, but I just need to know what keeps someone from just
> "hijacking" a domain name through their dns setup.
> If there are two entries in the domain name system for a site (one right, the
> other an attempt at causing havoc) and each one specifies a different IP, how
> is it determined which one is correct?
>
> Thanks.
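
The bogus authority claim described in the reply above (a server delegated example.com that answers as if it were authoritative for all of .com) can be screened on the resolver side by comparing each NS owner name in the authority section against the zone the parent actually delegated. The following is an added example, not code from the original post or from BIND; the function names and the sample records are constructed, and it assumes the resolver remembers which zone the parent delegated to the server it is querying.

```python
# Added example: resolver-side screening of authority-section NS records.
# All names and records below are constructed for illustration.

def labels(name):
    """Normalise a DNS name to a tuple of lower-case labels; the root is ()."""
    name = name.rstrip(".").lower()
    return tuple(name.split(".")) if name else ()

def is_subdomain(name, zone):
    """True if name is at or below zone, compared label by label."""
    n, z = labels(name), labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z

def check_authority(delegated_zone, qname, authority_ns):
    """Return (owner, verdict) for each NS record in an authority section.

    delegated_zone: zone the parent delegated to the server being queried
    qname:          name that was asked for
    authority_ns:   list of (owner, nsdname) NS records from the response
    """
    results = []
    for owner, _nsdname in authority_ns:
        if not is_subdomain(owner, delegated_zone):
            # e.g. a server delegated example.com claiming "com."
            verdict = "reject-above-delegation"
        elif not is_subdomain(qname, owner):
            # claim is inside the delegation but unrelated to the question
            verdict = "reject-unrelated"
        else:
            verdict = "accept"
        results.append((owner, verdict))
    return results

# Constructed response: the lazy ".com" zone case next to a correct claim.
SAMPLE_AUTHORITY = [
    ("com.", "ns1.example.com."),
    ("example.com.", "ns1.example.com."),
    ("other.example.com.", "ns1.example.com."),
]

if __name__ == "__main__":
    for owner, verdict in check_authority(
            "example.com.", "www.example.com.", SAMPLE_AUTHORITY):
        print(f"{owner:22} {verdict}")
```

Comparing whole labels rather than raw string suffixes matters here: a suffix test would treat badexample.com as part of example.com.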




