DNS Attacks

John Cornelius jc at hangarpilot.net
Fri Jul 25 22:14:15 UTC 2008

Bruno Wolff III wrote:
> ------snip-----
> Generally you mean the appropiate TLD servers as most newly registered
> domains don't go into the root servers.
Actually, I believe that they do but all that they do is provide a 
pointer to the appropriate name server for the domain. Perhaps that's 
what you meant but it didn't sound like it.
>> listed in the whois lookup.  There is a time-to-live associated with the  
>> addresses, so existing names may linger with the wrong addresses, though.
> And some ISPs have been known to fudge these to be longer than what they
> are to cut down on queries. This breaks things like djbdns' feature of
> having the ttl count down as a cutover time is approached.

Indeed they do and it's tacky but what can you do?


More information about the fedora-list mailing list