[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: [Full-Disclosure] Question for DNS pros

To: "'Paul Schmehl'" <pauls@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: FW: [Full-Disclosure] Question for DNS pros
From: "Paul Rolland" <rol@xxxxxxxxx>
Date: Tue, 27 Jul 2004 12:40:47 +0200

Hello,

> > The machine sending the queries is probably configured to use
> > your server as a complete DNS resolver and transfer all its queries
> > to your server.
> >
> Umm...I don't *have* a server at that address.  In fact, 
> there is no live 
> host at all at that address.  *That*, after all, is the 
> entire point of 
> this thread.

Understood, but this doesn't prevent someone from making a mistake
when creating its configuration file... and if the resolver has more
than one host (including yours), then failure from your machine will
simply let him skip to next host, which in fact only slows down DNS
resolution. Thus, people are likely to live with a broken configuration
for long...

Collect the source IP(s), find the admin and send him an email...

Regards,
Paul

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: FW: [Full-Disclosure] Question for DNS pros
  - From: Paul Schmehl

Prev by Date: Re: [Full-Disclosure] Automated SSH login attempts?
Next by Date: Re: [Full-Disclosure] MyDoom-M evades attachment filters
Previous by thread: Re: FW: [Full-Disclosure] Question for DNS pros
Next by thread: [Full-Disclosure] Worm_RBOT.EI
Index(es):
- Date
- Thread