On Thursday, July 31, 2003 at 5:23 PM, Edward wrote: > IP Allocation has nothing to do with which IPs are being used.
Understood. <snipped some IP allocation stuff> > This is the right thing (even if I'm not useing any of those IPs) because > for a set period of time those IPs are my 'property' they are not IPs that > are available for anyone to use. They are there for me. > I'm not sure but I think that you are confusing this with the DNS > system. I don't believe that I am. Specifically, what I'd like to know is whether there are any security issues (pro or con) associated with the practice of having entries in a nameserver for IP addresses that are not "live." > However all the DNS system does is to translate a domain name > "sillyness.com" into an IP address. Once again this has nothing to do with > that IP address being used or not (although it would be a bit silly to > have a domain pointing at an unused IP address). This also has nothing to > do with IP allocations. You could happily register a domain name and point > it at an IP address that isn't owned or controlled by you Right, and this is the basis for my question. What are the security implications of having DNS records for unused IPs? What if someone hijacked that unused addy and put a machine up on the net with it and served up pirated music or worse? Won't someone be able to then access the machine by using that domain name and making things easier? How would you track that if it was someone doing something illegal? I realize that there are many ways to spoof things, manipulate the system, etc., but it just seems to me that this practice makes it that much easier for the bad guys. And I've also got questions about the liability. It's our address. Who's responsible for any illegal activities? Is there such a thing as "securing" your unused IP addresses? I'm sorry if I'm way off base here. As you can probably tell from the question, I am very much a newbie at this. I found a computer on the network that's been hooked up to the outside world using one of those addresses, bypassing all the security measures in place and it's got all kinds of ports open. I started thinking (that could be trouble). :) > But also with the DNS records, if the record exists then people can see > the information within it regardless of the IP address it points at being > active or not. Understood. In doing an NS lookup on any of the IP addresses that are "dead", I am getting a domain name back that roughly corresponds to what Scott mentioned in his e-mail - an identifier of sorts for the ISP. That's great that they've put the DNS records in there, and I am sure that it helps them sort out all kinds of things, but it raises the question of whether it is a security risk. Thanks for the response. -- Terry --------------------------------------------------------------------------- ----------------------------------------------------------------------------
