An odd pattern of DNS failures began appearing in the logs yesterday:
May 20 15:05:19 PDT named[345]: wrong ans. name (uzmores.com != ns5.uzmores.com)
May 20 15:05:19 PDT named[345]: wrong ans. name (uzmores.com != ns4.uzmores.com)
May 20 15:05:19 PDT named[345]: wrong ans. name (uzmores.com !=
If not, have any root nameservers been hacked?
To partly answer my own question, no. The data returned by root
(gtld) nameservers is not changing rapidly. Thanks for the pointers
to "fast flux" too. Wasn't familiar with this attack or terminology.
All the same, it would seem to be an easy
On Sun, 20 May 2007, Roger Marquis wrote:
> > If not, have any root nameservers been hacked?
>
> To partly answer my own question, no. The data returned by root
> (gtld) nameservers is not changing rapidly. Thanks for the pointers
> to "fast flux" too. Wasn't familiar with this attack or ter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Roger Marquis <[EMAIL PROTECTED]> wrote:
>An odd pattern of DNS failures began appearing in the logs yesterday:
>
>May 20 15:05:19 PDT named[345]: wrong ans. name (uzmores.com !=
>ns5.uzmores.com)
>
Perhaps some fast-flux sticky cruft leftove
All the same, it would seem to be an easy and cheap abuse to address,
at the gtlds. Why are these obvious trojans are being propagated by
the root servers anyhow?
the root servers are responsible how exactly for the fast-flux issues?
Also, there might be some legittimate business that uses so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Roger Marquis <[EMAIL PROTECTED]> wrote:
>Nobody's saying that the root servers are responsible, only that they
>are the point at which these domains would have to be squelched. In
>theory registrars could do this, but some would have a financia
On Sun, 20 May 2007, Roger Marquis wrote:
> >> All the same, it would seem to be an easy and cheap abuse to address,
> >> at the gtlds. Why are these obvious trojans are being propagated by
> >> the root servers anyhow?
> >
> > the root servers are responsible how exactly for the fast-flux iss
