DNS Attacks
John Cornelius
jc at hangarpilot.net
Fri Jul 25 22:14:15 UTC 2008
Bruno Wolff III wrote:
> ------snip-----
> Generally you mean the appropiate TLD servers as most newly registered
> domains don't go into the root servers.
>
>
Actually, I believe that they do but all that they do is provide a
pointer to the appropriate name server for the domain. Perhaps that's
what you meant but it didn't sound like it.
>> listed in the whois lookup. There is a time-to-live associated with the
>> addresses, so existing names may linger with the wrong addresses, though.
>>
>
> And some ISPs have been known to fudge these to be longer than what they
> are to cut down on queries. This breaks things like djbdns' feature of
> having the ttl count down as a cutover time is approached.
>
Indeed they do and it's tacky but what can you do?
--jc
More information about the users
mailing list