[rescue] whois advice needed
mouse at Rodents-Montreal.ORG
Tue Aug 28 14:25:01 CDT 2012
> It appears that dotster has copied my domain's nameserver config into
> someone else's domain. Since the whois for _their_ domain is now
> returning _my_ nameserver config, I'm seeing lots of requests for a
> zone that I don't handle.
But note that it may not be dotster's doing; it may be that dotster's
customer is who provided the bogons. From our perspective, it's
difficult to tell the difference.
> Surely there's a method for reporting this sort of thing?
There's probably supposed to be. But there are supposed to be lots of
things in Internet governance which do not actually exist.
> (I bet you could DOS a small DNS server pretty quickly if you listed
> it as authoritative for google or facebook...)
Probably. But doing so would break Google or Facebook. If you use a
heavily popular domain, the breakage will get noticed; if you use a
small domain, it won't be so effective.
Personally, if I discovered someone doing that, I'd probably set myself
up to serve it, with data consisting of a very-long-TTL NS record
naming localhost, with a glue record giving 127.0.0.1 as the address,
in a attempt to make querents go away. I'd probably also add a TXT
record explaining the situation, or pointing to a fetchable file that
explains the situation, for humans investigating.
If the traffic started to reach DoS levels, I'd probably treat it as a
I'd probably also send mail to the domains' contact address, but in the
catastrophe that is today's Internet governance, I wouldn't really
expect that to do any good - anyone who cares about doing things right
enough to get that right is probably not going to get the DNS wrong, or
is not going to tolerate a registrar getting it wrong, for long.
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the rescue