North American Network Operators Group


Re: lame delegations

  • From: Derek J. Balling
  • Date: Fri Aug 18 12:45:38 2000

At 11:57 AM -0400 8/18/00, John R. Levine wrote:
>> Does anyone know of a way to reclaim IPs left registered as hosts by
>> former customers? Let's say Joe Blow moved to another service provider,
>> but he still has ns.joeblow.dom and ns2.joeblow.dom registered using your
>> IP numbers.
> Well, since the domain has no name service, it's clearly dead.

Whoa! That's not (necessarily) what he said is happening. You're reading another sentence in there. He said they moved to another provider, so the new provider MUST be providing service of some kind, how about ... e.g.

Where: x.x.x.0/24 is ISP-ONE address-space, y.y.y.0/24 is ISP-TWO address-space.

I set up domain.com, at ISP-ONE. I have ns1.domain.com/x.x.x.1, and ns2.domain.com/x.x.x.2.

I move domain.com to ISP-TWO and I start using their name servers ns1.isptwo.com/y.y.y.1 and ns2.isptwo.com/y.y.y.2.

The domain is NOT lame-delegated, but the address space has been appropriated from ISP-ONE's space.

In fact, this is a nice DoS in and of itself. Don't like someone? Set up name servers all throughout their address-space, so that they can't use them themselves without jumping through hoops, e.g.,

ISPONE.COM - x.x.x.0/24

NS1.ISPONESUCKS.COM - x.x.x.1
NS2.ISPONESUCKS.COM - x.x.x.2
...
NS255.ISPONESUCKS.COM - x.x.x.255

What's to stop a belligerent person from doing this? Especially if ISPONESUCKS.COM isn't lame, but maybe has

REAL-NS1.ISPONESUCKS.COM - y.y.y.1
REAL-NS2.ISPONESUCKS.COM - y.y.y.2

So you can't easily forge to/from their namespace to delete the errant host declarations, because they can easily NAK the requests. If they're using a registrar with no mail-based forms at all (e.g., OpenSRS), then you can't even try to forge e-mail (since only the Registrar involved with the domain can alter the host-records associated with $DOMAIN).

Has anyone seen this DoS in the wild? Strikes me as clinically stupid that nobody has seen this and exploited it in the past...

D
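
An audit a provider could run to spot the situations described in this message, added here as an example and not part of the original post. It assumes the provider already has an export of registry host records and current delegations; the function names, the threshold, and all sample data (RFC 5737 documentation ranges standing in for x.x.x.0/24 and y.y.y.0/24) are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (not from the post): 192.0.2.0/24 plays ISP-ONE's
# x.x.x.0/24 and 198.51.100.0/24 plays ISP-TWO's y.y.y.0/24.
OUR_PREFIXES = [ipaddress.ip_network("192.0.2.0/24")]
CURRENT_CUSTOMERS = {"stillhere.example"}

# Registry host records: (host name, registered address).
HOST_RECORDS = [
    ("ns1.stillhere.example", "192.0.2.10"),
    ("ns1.moved.example", "192.0.2.1"),
    ("ns2.moved.example", "192.0.2.2"),
    ("ns1.isptwo.example", "198.51.100.1"),
    ("ns2.isptwo.example", "198.51.100.2"),
] + [(f"ns{i}.squat.example", f"192.0.2.{i}") for i in range(100, 140)]

# Current delegation (NS set) of each parent domain.
DELEGATIONS = {
    "stillhere.example": ["ns1.stillhere.example"],
    "moved.example": ["ns1.isptwo.example", "ns2.isptwo.example"],
    "squat.example": ["ns1.isptwo.example", "ns2.isptwo.example"],
}

def parent_domain(host):
    # Assumption: two-label registrable domains, enough for this sample.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def audit(host_records, delegations, prefixes, customers, bulk_threshold=16):
    """Group non-customer host records inside our prefixes by parent domain."""
    in_space = defaultdict(list)
    for host, addr in host_records:
        ip = ipaddress.ip_address(addr)
        if any(ip in net for net in prefixes):
            in_space[parent_domain(host)].append((host.lower(), addr))
    findings = {}
    for domain, hosts in in_space.items():
        if domain in customers:
            continue  # legitimately hosted on our addresses
        ns_set = {n.lower() for n in delegations.get(domain, [])}
        names = {h for h, _ in hosts}
        if len(hosts) >= bulk_threshold:
            kind = "bulk-registration"       # many addresses tied up at once
        elif ns_set & names:
            kind = "delegated-to-our-space"  # domain still points here
        else:
            kind = "stale-host-record"       # domain is served elsewhere
        findings[domain] = (kind, sorted(a for _, a in hosts))
    return findings
```

Calling `audit(HOST_RECORDS, DELEGATIONS, OUR_PREFIXES, CURRENT_CUSTOMERS)` separates the moved-customer case (domain not lame, host records left behind) from a domain that has host records spread across the block.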