[Pdns-users] Verisign bullshit

Roeland Nieuwenhuis trancer at poweradmin.org
Tue Sep 16 16:09:23 UTC 2003 

> Quoting Damian Gerow (damian at sentex.net):
> > Thus spake bert hubert (ahu at ds9a.nl) [16/09/03 02:30]:
> > > It's not that simple. The only way so far to recognize 
> their bogus 
> > > answers is by IP address. They control the GTLD servers 
> and all GTLD 
> > > servers now show this behaviour. You can't easily do 
> without, except 
> > > by downloading the .COM and .NET source yourself.
> > > 
> > > I'll add a feature to pdns to ignore answers containing a 
> specified 
> > > IP address, which will effectively make this go away.
> > 
> > NANOG has posted some good ideas about this.  Instead of hardcoding 
> > the IP address, why not maintain a cache of '*.tld'?  i.e. when a 
> > request comes in for www.domain.nu, do a lookup on '*.nu', 
> and if the 
> > IP addresses match, return NXDOMAIN.  That way, you don't need to 
> > maintain a hard-coded list of IP addresses, and the cache should be 
> > relatively up-to-date.  This also catches all the other 
> domains (.nu 
> > is one) that are pulling the same shit.
> 
> Chris Adams posted this list of TLDs with wildcards on nanog:
> 
>     ac 
>     cc 
>     com 
>     cx 
>     mp 
>     museum 
>     net 
>     nu 
>     ph 
>     pw 
>     sh 
>     tk 
>     tm 
>     ws
> 
> Some have wildcard MX records too. More TLDs will probably follow.
> 
> I wonder if AOL, Mindspring, and other the bigggies will be 
> hacking their recursive name servers to deliver an A record 
> pointing to their pages instead of letting Verisign have 
> thier customer's typos.
> 
> John Capo
> 

Here is a simple script to find (a few? since .tk for example isnt
there) them:

dig AXFR . @F.ROOT-SERVERS.NET | grep NS | awk '{print $1}' | grep -vE
'\..*\.' | sort | uniq | xargs -n 1 -P 0 host > tld-with-a

There is a bunch responding, some nameservers dont respond it all so
there might be a few more.

For now this gives me this list:

AI                      A       209.88.68.34
BI                      A       194.183.245.222
DK                      A       193.163.102.10
CC                      A       206.253.214.102
PH                      A       203.119.4.7
PW                      A       65.125.231.178
PW                      A       216.98.141.250
GH                      A       196.3.64.1
NF                      A       216.171.228.19
TV                      A       65.201.175.144
MUSEUM                  A       195.7.77.17
MP                      A       202.128.12.163
TW                      A       192.83.166.11

Regards,

Roeland Nieuwenhuis
-----
http://www.poweradmin.org - PowerAdmin: The PowerDNS Frontend

More information about the Pdns-users mailing list