Re: DNS Attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jul 25, 2008 at 15:14:15 -0700,
  John Cornelius <jc@xxxxxxxxxxxxxxx> wrote:
>
>
> Bruno Wolff III wrote:
>> ------snip-----
>> Generally you mean the appropiate TLD servers as most newly registered
>> domains don't go into the root servers.
>>
>>   
> Actually, I believe that they do but all that they do is provide a  
> pointer to the appropriate name server for the domain. Perhaps that's  
> what you meant but it didn't sound like it.

No. The root servers have NS records for the TLD servers (some of which may
be on the same hardware as some root servers) and the TLD servers have NS
records for domains commonly registered. (Some domains are registered at
even lower levels, such as is common in several country code TLDs.)
The NS records include the name that points to the server that is authoritative
for that domain. (Though the domain pointed to may delegate that authority to
yet another server.) Along with the NS records a server being queried will
return glue records with the IP addresses of the servers being pointed to.
(The design of DNS isn't that great and the IP addresses really should have
been used in the NS records.) However, if the server being queried isn't
authoritative for the domain being pointed to you need to not trust that the IP
address applies for anything other than this query. (Some resolvers will
discard out of bailiwick glue records and you certainly don't want to cache
them where they could be used to resolve other queries.)

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux