North American Network Operators Group


MYDOMAIN.COM faking auth on COM.BR zone

  • From: Frederico A C Neves
  • Date: Fri Sep 01 18:54:26 2000

Dear Nanog Readers,

As we have not yet received any response to our abuse request
(attached) to MYDOMAIN.COM and more than 10 phone calls, we are looking
for help of any kind here.

The COM.BR zone is populated with 280K zone delegations (92% of the .BR
registered domain names). Mydomain.com DNS servers are delegated to
1361 domains inside the .BR zone. We don't know why, but these servers
are answering authoritatively for the COM.BR zone and they are carrying a
wildcard record too.

This is causing some confusion and trouble for buggy resolvers (notably
NT). If someone knows a contact other than the whois and web
site information, please let me know ASAP privately.

Best Regards
Frederico Neves
.BR tech contact

--begin
bash> dig @a.root-servers.net br ns

; <<>> DiG 8.2 <<>> @a.root-servers.net br ns 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 5
;; QUERY SECTION:
;;      br, type = NS, class = IN

;; ANSWER SECTION:
br.                     2D IN NS        NS.DNS.br.
br.                     2D IN NS        NS1.DNS.br.
br.                     2D IN NS        NS2.DNS.br.
br.                     2D IN NS        NS3.NIC.FR.
br.                     2D IN NS        NS-EXT.VIX.COM.

;; ADDITIONAL SECTION:
NS.DNS.br.              2D IN A         143.108.23.2
NS1.DNS.br.             2D IN A         200.255.253.234
NS2.DNS.br.             2D IN A         200.19.119.99
NS3.NIC.FR.             2D IN A         192.134.0.49
NS-EXT.VIX.COM.         2D IN A         204.152.184.64

;; Total query time: 768 msec
;; FROM: clone.registro.br to SERVER: a.root-servers.net  198.41.0.4
;; WHEN: Fri Sep  1 17:52:07 2000
;; MSG SIZE  sent: 20  rcvd: 209


bash> dig @NS.DNS.br. com.br ns

; <<>> DiG 8.2 <<>> @NS.DNS.br. com.br ns 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 3
;; QUERY SECTION:
;;      com.br, type = NS, class = IN

;; ANSWER SECTION:
com.br.                 1D IN NS        NS2.DNS.br.
com.br.                 1D IN NS        NS-EXT.VIX.COM.
com.br.                 1D IN NS        NS.DNS.br.
com.br.                 1D IN NS        NS1.DNS.br.

;; ADDITIONAL SECTION:
NS2.DNS.br.             1D IN A         200.19.119.99
NS.DNS.br.              1D IN A         143.108.23.2
NS1.DNS.br.             1D IN A         200.255.253.234

;; Total query time: 1 msec
;; FROM: clone.registro.br to SERVER: NS.DNS.br.  143.108.23.2
;; WHEN: Fri Sep  1 17:52:24 2000
;; MSG SIZE  sent: 24  rcvd: 157

bash> dig @ns1.mydomain.com com.br any

; <<>> DiG 8.2 <<>> @ns1.mydomain.com com.br any 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 7
;; QUERY SECTION:
;;      com.br, type = ANY, class = IN

;; ANSWER SECTION:
com.br.                 42m40s IN SOA   ns1.mydomain.com. hostmaster.com.br. (
                                        967828523       ; serial
                                        4h33m4s         ; refresh
                                        34m8s           ; retry
                                        1w5d3h16m16s    ; expiry
                                        42m40s )                ; minimum

com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.
com.br.                 1D IN A         208.184.130.40
com.br.                 1D IN MX        10 a.mx.mydomain.com.
com.br.                 1D IN MX        10 b.mx.mydomain.com.
com.br.                 1D IN MX        10 c.mx.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55
a.mx.mydomain.com.      1D IN A         208.184.130.53
b.mx.mydomain.com.      1D IN A         208.184.130.51
c.mx.mydomain.com.      1D IN A         208.184.130.55

;; Total query time: 1022 msec
;; FROM: clone.registro.br to SERVER: ns1.mydomain.com  208.184.130.51
;; WHEN: Fri Sep  1 17:52:46 2000
;; MSG SIZE  sent: 24  rcvd: 340
--end

-- 
 ----------------------------------------------------------------
 Frederico A C Neves                          Registro .br - ANSP
 <[email protected]>                              R.Pio XI, 1500
 Tel +55-11-3645-2418         Sao Paulo - SP - Brazil - 05468-901
--- Begin Message ---
Dear Mr.,

As reported at the end of this email ns[1-4].mydomain.com are
answering .COM.BR queries authoritatively. As mydomain.com servers are
listed in 1361 domains this error is propagating very fast on buggy
resolvers.

Please take action immediately to stop answering .COM.BR
authoritatively.

Frederico Neves
.BR Tech Contact
+55 11 3838-4130

--begin
bash> dig @NS1.mydomain.com www.uol.com.br any

; <<>> DiG 8.3 <<>> @NS1.mydomain.com www.uol.com.br any 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      www.uol.com.br, type = ANY, class = IN

;; ANSWER SECTION:
www.uol.com.br.         1D IN A         208.184.130.40

;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55

;; Total query time: 4552 msec
;; FROM: fork.in.REGISTRO.BR to SERVER: NS1.mydomain.com  208.184.130.51
;; WHEN: Fri Sep  1 11:09:28 2000
;; MSG SIZE  sent: 32  rcvd: 196


bash> dig @NS1.mydomain.com com.br soa

; <<>> DiG 8.3 <<>> @NS1.mydomain.com com.br soa 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      com.br, type = SOA, class = IN

;; ANSWER SECTION:
com.br.                 42m40s IN SOA   ns1.mydomain.com. hostmaster.com.br. (
                                        967811974       ; serial
                                        4h33m4s         ; refresh
                                        34m8s           ; retry
                                        1w5d3h16m16s    ; expiry
                                        42m40s )                ; minimum


;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55

;; Total query time: 898 msec
;; FROM: fork.in.REGISTRO.BR to SERVER: NS1.mydomain.com  208.184.130.51
;; WHEN: Fri Sep  1 10:44:16 2000
;; MSG SIZE  sent: 24  rcvd: 219

bash> dig @208.184.130.52 com.br soa

; <<>> DiG 8.3 <<>> @208.184.130.52 com.br soa 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      com.br, type = SOA, class = IN

;; ANSWER SECTION:
com.br.                 42m40s IN SOA   ns1.mydomain.com. hostmaster.com.br. (
                                        967811974       ; serial
                                        4h33m4s         ; refresh
                                        34m8s           ; retry
                                        1w5d3h16m16s    ; expiry
                                        42m40s )                ; minimum


;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55

;; Total query time: 908 msec
;; FROM: fork.in.REGISTRO.BR to SERVER: 208.184.130.52
;; WHEN: Fri Sep  1 10:52:08 2000
;; MSG SIZE  sent: 24  rcvd: 219

bash> dig @208.184.130.53 com.br soa

; <<>> DiG 8.3 <<>> @208.184.130.53 com.br soa 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      com.br, type = SOA, class = IN

;; ANSWER SECTION:
com.br.                 42m40s IN SOA   ns1.mydomain.com. hostmaster.com.br. (
                                        967811974       ; serial
                                        4h33m4s         ; refresh
                                        34m8s           ; retry
                                        1w5d3h16m16s    ; expiry
                                        42m40s )                ; minimum


;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55

;; Total query time: 893 msec
;; FROM: fork.in.REGISTRO.BR to SERVER: 208.184.130.53
;; WHEN: Fri Sep  1 10:52:21 2000
;; MSG SIZE  sent: 24  rcvd: 219

bash> 


bash> dig @208.184.130.55 com.br soa

; <<>> DiG 8.3 <<>> @208.184.130.55 com.br soa 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      com.br, type = SOA, class = IN

;; ANSWER SECTION:
com.br.                 42m40s IN SOA   ns1.mydomain.com. hostmaster.com.br. (
                                        967802099       ; serial
                                        4h33m4s         ; refresh
                                        34m8s           ; retry
                                        1w5d3h16m16s    ; expiry
                                        42m40s )                ; minimum


;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
com.br.                 3D IN NS        ns3.mydomain.com.
com.br.                 3D IN NS        ns4.mydomain.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com.       3D IN A         208.184.130.51
ns2.mydomain.com.       3D IN A         208.184.130.52
ns3.mydomain.com.       3D IN A         208.184.130.53
ns4.mydomain.com.       3D IN A         208.184.130.55

;; Total query time: 763 msec
;; FROM: fork.in.REGISTRO.BR to SERVER: 208.184.130.55
;; WHEN: Fri Sep  1 10:52:32 2000
;; MSG SIZE  sent: 24  rcvd: 219

bash> 
--end

-- 
 ----------------------------------------------------------------
 Frederico A C Neves                          Registro .br - ANSP
 <[email protected]>                              R.Pio XI, 1500
 Tel +55-11-3838-4130         Sao Paulo - SP - Brazil - 05468-901

Attachment: pgp00004.pgp
Description: PGP signature

--- End Message ---

Attachment: pgp00005.pgp
Description: PGP signature
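
Added example (not part of the original post): the comparison the transcripts above make by eye, written as a check that takes the NS set served by a delegated COM.BR server and flags any response that sets the aa bit for the zone from a server outside that set. The sample inputs are constructed by trimming the dig 8.x output in the post; the function names are hypothetical, and the check assumes dig was pointed at the server by name, as in the first and second transcripts.

```python
import re

# Constructed samples: trimmed from the dig 8.x transcripts in the post.
PARENT = """\
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 3
;; ANSWER SECTION:
com.br.                 1D IN NS        NS2.DNS.br.
com.br.                 1D IN NS        NS-EXT.VIX.COM.
com.br.                 1D IN NS        NS.DNS.br.
com.br.                 1D IN NS        NS1.DNS.br.
;; FROM: clone.registro.br to SERVER: NS.DNS.br.  143.108.23.2
"""
SUSPECT = """\
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
www.uol.com.br.         1D IN A         208.184.130.40
;; AUTHORITY SECTION:
com.br.                 3D IN NS        ns1.mydomain.com.
com.br.                 3D IN NS        ns2.mydomain.com.
;; FROM: fork.in.REGISTRO.BR to SERVER: NS1.mydomain.com  208.184.130.51
"""

def norm(name):
    # DNS names compare case-insensitively; drop the trailing root dot.
    return name.rstrip(".").lower()

def parse_dig(text):
    """Return (header flags, queried server, [(owner, type, rdata)])."""
    flags, server, records = set(), None, []
    for line in text.splitlines():
        if m := re.match(r";; flags:\s*([^;]*);", line):
            flags = set(m.group(1).split())
        elif m := re.search(r"to SERVER:\s*(\S+)", line):
            server = norm(m.group(1))
        elif not line.startswith(";"):
            parts = line.split()
            if len(parts) >= 5 and parts[2] == "IN":
                records.append((norm(parts[0]), parts[3], norm(parts[4])))
    return flags, server, records

def zone_ns(text, zone):
    """NS names that a response asserts for `zone`."""
    return {r for o, t, r in parse_dig(text)[2] if t == "NS" and o == norm(zone)}

def audit(zone, delegated, text):
    """Flag a server that sets AA for `zone` without being in its delegated NS set."""
    flags, server, _ = parse_dig(text)
    return {"server": server, "aa": "aa" in flags,
            "undelegated_ns": sorted(zone_ns(text, zone) - delegated),
            "rogue": "aa" in flags and server not in delegated}
```

When dig is pointed at an IP address, as in the later transcripts, the SERVER field holds that address, so the delegated set would have to be built from the A records in the ADDITIONAL section instead of the NS names.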