[7194] in North American Network Operators' Group
Re: DNS contamination
daemon@ATHENA.MIT.EDU (Marc Slemko)
Thu Jan 23 19:55:27 1997
Date: Thu, 23 Jan 1997 17:50:17 -0700 (MST)
From: Marc Slemko <marcs@znep.com>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.3.95dg1.970123123647.15935R-100000@twinlark.arctic.org>
And, of possibly more importance to more people, is when people start
claiming bogus authority for the reverse of a /8. For example, last week
someone was claiming authority for 205.in-addr.arpa and 204.in-addr.arpa
instead of for their appropriate /24s. A good quarter of the servers I
checked had at least one of these bogus records, rendering reverse lookups
for 204 and/or 205 non-functional and messing up anything that relys on
reverse DNS working.
I think this is a big deal when it happens, especially for the people
using the address space it affects. Am I overreacting?
If the server admin is unreachable, I think the provider should attempt
contact and, if necessary, perhaps even filter the server. Most providers
seem to have a "oh, that's bad. We'll get to it in a day or two"
attitude. I tend to consider it a serious operational problem that needs
to be fixed ASAP.
On Thu, 23 Jan 1997, Dean Gaudet wrote:
> Is something like a web page listing the "bogusns"s of the day in order?
> We could include the broken servers that claim to be root servers for
> non-existant TLDs like .space.
>
> Dean
>
> On Thu, 23 Jan 1997, Dima Volodin wrote:
>
> > To all DNS admins:
> >
> > please check that you don't have 199.0.55.3 and 144.228.8.227 mentioned
> > anywhere in your files. If you do, remove such records and change your
> > DNS server software to something more reasonable.
> >
> >
> > Dima
> > fed up his ears with named's chronic inability to filter out bogus
> > additional records
> >
>
