c***@gmx.de
2012-08-29 03:29:42 UTC
aback.com has ns.buydomains.com as nameserver, which seem to
announce itself to be responsible for the whole .com tld and
answers positively to everything with bullshit spam ip addresses
causing all further .com domain queries to get resolved by that
spam ns.buydomains.com dns. :(
is this allowed by the standard? is there anything we can do
to prevent it from poisoning our cache?
rei2 Aug 29 04:25:26 [73792] 61255.1: sending to 192.54.112.30/h.gtld-servers.net aback.com ip
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 flags: rd
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 qd aback.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ns aback.com ns ns.buydomains.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ns aback.com ns this-domain-for-sale.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ar ns.buydomains.com ip 64.95.64.93
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ar this-domain-for-sale.com ip 64.95.64.96
rei2 Aug 29 04:25:26 [73792] 61255.2: sending to 64.95.64.93/ns.buydomains.com aback.com ip
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 flags: auth rd
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 qd aback.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 an aback.com ip 64.95.64.218
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ns com ns ns.buydomains.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ns com ns this-domain-for-sale.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ar ns.buydomains.com ip 64.95.64.93
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ar this-domain-for-sale.com ip 64.95.64.96
--
cinap
announce itself to be responsible for the whole .com tld and
answers positively to everything with bullshit spam ip addresses
causing all further .com domain queries to get resolved by that
spam ns.buydomains.com dns. :(
is this allowed by the standard? is there anything we can do
to prevent it from poisoning our cache?
rei2 Aug 29 04:25:26 [73792] 61255.1: sending to 192.54.112.30/h.gtld-servers.net aback.com ip
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 flags: rd
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 qd aback.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ns aback.com ns ns.buydomains.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ns aback.com ns this-domain-for-sale.com
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ar ns.buydomains.com ip 64.95.64.93
rei2 Aug 29 04:25:26 61255: rcvd 192.54.112.30 ar this-domain-for-sale.com ip 64.95.64.96
rei2 Aug 29 04:25:26 [73792] 61255.2: sending to 64.95.64.93/ns.buydomains.com aback.com ip
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 flags: auth rd
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 qd aback.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 an aback.com ip 64.95.64.218
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ns com ns ns.buydomains.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ns com ns this-domain-for-sale.com
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ar ns.buydomains.com ip 64.95.64.93
rei2 Aug 29 04:25:26 61255: rcvd 64.95.64.93 ar this-domain-for-sale.com ip 64.95.64.96
--
cinap