|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: WARNING: AOL is hosed (again)
James Rishaw <[email protected]> writes: > You can actually set a domain name so that it cannot be changed, by > any template, by any modification, correct guardian or NOT. > I would ass-u-me AOL did this, but obviously their DNS admins aren't > clued enough to figure this one out. > Tiem to hire people that know *all* of what they're supposed to do, not > just what they read out of an ORA book. Um, as anyone who's dealt with NSI on a non-casual level can tell you, it's entirely possible that AOL had Guardian set up to disallow any changes, as well as having the domain ``locked'' against any email changes at all, and still have an unauthorized change occur. This is *not* the first time a service-interrupting unauthorized DNS change (deliberate or accidental) has slipped through NSI, though this is almost definitely the biggest network to be affected. And, two years later, the BEFORE-USE Guardian attribute *still* doesn't work, natch. ObUsefulInformation: zone "aol.com" { type stub; file "zones/stub-aol.com"; masters { 152.163.200.52; 152.163.200.116; }; }; [ Only works in BIND 8, but why are you still running 4.9.* anyway? You can't put this into IOS, but you can put this into the nameservers that your router uses... :) ]
|