North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Is my BIND Server's Cache Poisioned ?
- From: Mark Andrews
- Date: Thu Jun 30 01:35:05 2005
> On Thu, 30 Jun 2005, Mark Andrews wrote:
> > No. These are just a mis-configured zones.
> > hangzhou.gov.cn only has glue records for the nameservers.
> > zpepc.com.cn has CNAMEs for the nameservers.
> > Both of these misconfigurations are visible to nameservers
> > that are IPv6 aware. Nameservers that are not IPv6 aware
> > are not likely to make the queries that make these
> > misconfigurations visible.
> Why would these dns misconfigurations be visible only to IPV6-aware servers?
Because IPv6 aware nameservers make AAAA queries for the
IPv6 addresses of the nameservers and as a result see the
NXDOMAIN / CNAME. The IPv4 only nameservers don't make
these queries, as a matter of practice, and only see the
problems if some client of the nameserver makes a query
for some records with the same name as that of the nameservers.
> William Leibzon
> Elan Networks
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org