[nsp-sec] GoDaddy DNS server "hijacking" .com ?
Johannes Ullrich
jullrich at euclidian.com
Wed Oct 8 13:48:11 EDT 2008
yup. its gone. I guess they fixed whatever caused it.
On Wed, Oct 8, 2008 at 1:39 PM, Florian Weimer <fweimer at bfk.de> wrote:
> * Johannes Ullrich:
>
> > the Bind8 forwarder issue is my best guess at this point as well. I am
> > actually a bit surprised that this just came up.
> >
> > would they actually need the .com/.org authority record to do the domain
> > grapping?
>
> Depends on the software they use. If it's plain BIND, they might not
> have a choice.
>
> I can't reproduce the issue from my network location, BTW. But our
> sensors have picked up the record com/IN/NS/ns51.domaincontrol.com
> pretty recently. Of course, there are many more such servers; it's
> not just Godaddy.
>
> --
> Florian Weimer <fweimer at bfk.de>
> BFK edv-consulting GmbH http://www.bfk.de/
> Kriegsstraße 100 tel: +49-721-96201-1
> D-76133 Karlsruhe fax: +49-721-96201-99
>
More information about the nsp-security
mailing list