[nsp-sec] GoDaddy DNS server "hijacking" .com ?
Florian Weimer
fweimer at bfk.de
Wed Oct 8 13:39:22 EDT 2008
* Johannes Ullrich:
> the Bind8 forwarder issue is my best guess at this point as well. I am
> actually a bit surprised that this just came up.
>
> would they actually need the .com/.org authority record to do the domain
> grapping?
Depends on the software they use. If it's plain BIND, they might not
have a choice.
I can't reproduce the issue from my network location, BTW. But our
sensors have picked up the record com/IN/NS/ns51.domaincontrol.com
pretty recently. Of course, there are many more such servers; it's
not just Godaddy.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list