North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: lame delegations

  • From: Derek J. Balling
  • Date: Fri Aug 18 12:45:38 2000

At 11:57 AM -0400 8/18/00, John R. Levine wrote:
 >Does anyone know of a way to reclaim IPs left registered as hosts by
former customers? Let's say Joe Blow moved to another service provider,
but he still has ns.joeblow.dom and ns2.joeblow.dom registered using your
IP numbers.
Well, since the domain has no name service, it's clearly dead.
Whoa! That's not (necessarily) what he said is happening. You're reading another sentence in there. He said they moved to another provider, so the new provider MUST be providing service of some kind, how about ... e.g.

Where: x.x.x.0/24 is ISP-ONE address-space, y.y.y.0/24 is ISP-TWO address-space.

I set up, at ISP-ONE. I have, and

I move to ISP-TWO and I start using their name servers and

The domain is NOT lame-delegated, but the address space has been appropriated from ISP-ONE's space

In fact, this is a nice DoS in and of itself. Don't like someone? Set up name servers all throughout their address-space, so that they can't use them themselves without jumping through hoops, e.g.,

ISPONE.COM - x.x.x.0/24

NS255.ISPONESUCKS.COM - x.x.x.255

What's to stop a belligerent person from doing this? Especially is ISPONESUCKS.COM isn't lame, but maybe has


So you can't easily forge to/from their namespace to delete the errant host declarations, because they can easily NAK the requests. If they're using a registrar with no mail-based forms at all (e.g., OpenSRS), then you can't even try to forge e-mail (since only the Registrar involved with the domain can alter the host-records associated with $DOMAIN)

Has anyone seen this DoS in the wild? Strikes me as clinically stupid that nobody has seen this and exploited it in the past...