Is this a DNS Security hole??
Posted by Ivan Yonge on April 30th, 2004


First of all, I am not an expert in DNS... that's why I am here to ask for
help. Don't laugh at me if I am wrong.

I have tested this with my domain, and this seems like a security hole to me.
My domain is registered with Register.com.

1. Go to Register.com, log in to my account (say "mycompany.com", doesn't
matter)
2. Add a new DNS entry
3. They will ask for HOST NAME and IP ADDRESS (they used to ask for HOST name
only, not IP).
4. Type host = "testing.victim.com" (the host of the victim)
5. Type ip = "24.102.80.12" (the IP address I want to point to, I just made
it up)
6. Submit
7. After 24 hours, all the world's DNS servers will resolve
testing.victim.com as 24.102.80.12. If you PING testing.victim.com from any
server outside the world, say network-tools.com, it gives you
24.102.80.12

This is not good. Now "testing.victim.com" is tied to the IP address; it
doesn't even try to resolve it from victim.com's DNS server..... Why is
this happening?? I have used http://network-tools.com/nslook/Default.asp
to verify my result..

If this is true, anyone can hijack other people's domain names using DNS and
point them to his IP address? This is scary..

Help..
Posted by Bill Unger on April 30th, 2004


It's not scary at all, it is how the Internet works.

Although those DNS changes propagate to thousands of downstream DNS servers
throughout the world, only the "authoritative name server" can actually have
changes made to the specific DNS records. Google "authoritative name
server" to get more info on it.

The bottom line is that although other name servers have copies of the
records (A, MX, etc.), only one can actually alter the values...

"Ivan Yonge" <yongenospanivan235@hotmail.com> wrote in message
news:nnwkc.320455$2oI1.230823@twister01.bloor.is.net.cable.rogers.com...


Posted by Chris on May 13th, 2004



"Ivan Yonge" <yongenospanivan235@hotmail.com> wrote in message
news:nnwkc.320455$2oI1.230823@twister01.bloor.is.net.cable.rogers.com...
You cannot edit other people's domains/zone files. If you logged on to your
domain management thingy and your domain is mydomain.com, and you create an A
record, say testing.victim.com (with an IP address of course), then all you
have created is testing.victim.com.yourdomain.com. Whatever hostname you
define an A record for, the origin of the zone is appended.

yourdomain.com IN SOA ns1.yourdomain.com hosty.yourdomain.com (
<info for slaves
etc...> )

testing.victim.com IN A 24.102.80.12

The result of this is just: testing.victim.com.yourdomain.com IN A
24.102.80.12

Anyone querying the real domain, victim.com WILL NOT query your name server
for that information. Your zone company.com cannot define any records for
another domain, otherwise we would all be able to point www.microsoft.com to
another server!

Chris.
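The origin rule Chris describes above (an owner name without a trailing dot is relative to the zone's $ORIGIN, so "testing.victim.com" in yourdomain.com's zone file becomes "testing.victim.com.yourdomain.com.") is easy to see by running it. The following is an added example, not code from the thread or from any DNS software: a small zone-file reader that applies the RFC 1035 origin rule, plus the in-bailiwick check an authoritative server applies when loading a zone, so that a fully qualified record for another domain (such as "www.victim.com.") is reported as out-of-zone rather than served. The zone text and the record values are constructed for the example; only "owner class type rdata" lines and a $ORIGIN directive are handled.

```python
"""Added example (not from the thread): how a zone's origin is appended to
unqualified owner names, and how records outside the zone are detected."""

from typing import List, Tuple

Record = Tuple[str, str, str, str]  # (owner, class, type, rdata)


def normalize(name: str) -> str:
    """Canonical form: lowercase with exactly one trailing dot ('.' is the root)."""
    name = name.strip().lower()
    if name in ("", "."):
        return "."
    return name.rstrip(".") + "."


def qualify(owner: str, origin: str) -> str:
    """Apply the zone-file origin rule (RFC 1035 section 5.1): '@' is the origin
    itself, a name ending in '.' is already fully qualified, and any other name
    has the origin appended."""
    origin = normalize(origin)
    owner = owner.strip()
    if owner == "@":
        return origin
    if owner.endswith("."):
        return normalize(owner)
    return normalize(owner + "." + origin)


def in_bailiwick(name: str, zone: str) -> bool:
    """True if name is the zone apex or lies beneath it. The comparison is
    label-wise ('.' + zone), so 'notvictim.com.' is not under 'victim.com.'."""
    n, z = normalize(name), normalize(zone)
    if z == ".":
        return True
    return n == z or n.endswith("." + z)


def parse_zone(text: str, default_origin: str) -> List[Record]:
    """Read 'owner class type rdata' lines, honouring $ORIGIN and ';' comments.
    Every owner name is returned fully qualified."""
    origin = normalize(default_origin)
    records: List[Record] = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.upper().startswith("$ORIGIN"):
            origin = normalize(line.split()[1])
            continue
        owner, rclass, rtype, rdata = line.split(None, 3)
        records.append((qualify(owner, origin), rclass.upper(), rtype.upper(), rdata))
    return records


def foreign_records(text: str, zone: str) -> List[Record]:
    """Records whose owner is not inside the zone. An authoritative server does
    not serve these for the zone (BIND, for instance, logs them as out-of-zone
    data and ignores them); this is why one zone cannot define names in another."""
    return [r for r in parse_zone(text, zone) if not in_bailiwick(r[0], zone)]


# Constructed sample zone for yourdomain.com, modelled on the records in the post.
ZONE = """
; yourdomain.com zone (constructed example)
@                  IN SOA ns1.yourdomain.com. hosty.yourdomain.com. 1 3600 900 604800 300
ns1                IN A   192.0.2.53
testing.victim.com IN A   24.102.80.12
www.victim.com.    IN A   24.102.80.12
"""

if __name__ == "__main__":
    for owner, rclass, rtype, rdata in parse_zone(ZONE, "yourdomain.com"):
        print(f"{owner:40} {rclass} {rtype:4} {rdata}")
    print("out-of-zone:", [r[0] for r in foreign_records(ZONE, "yourdomain.com")])
```

Running it shows the unqualified "testing.victim.com" loaded as testing.victim.com.yourdomain.com., exactly as Chris says, while the fully qualified "www.victim.com." is the only record flagged as out-of-zone.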



Posted by Barry Margolin on May 13th, 2004


In article <OtecnfKuNabMOj7dSa8jmA@karoo.co.uk>, "Chris" <chris@nospam>
wrote:
You seem to have totally missed the point of his complaint, as well as
the entire thread that ensued after it? He's not dealing with a domain
management tool, he's dealing with a domain registrar. The entry for
testing.victim.com that he created was a new nameserver host, so the
registrar entered it as a glue record in the .com domain.

If you're going to respond to 2-week-old messages, don't you think you
should read the rest of the thread first?

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA

Posted by Chris on May 13th, 2004



I just subscribed to comp.protocols.dns (before I looked at
comp.protocols.dns.bind) and his question was the only item that appeared in
this thread. He cross posted to two news groups and then posted the same
question to a third group ... which I hadn't seen.

Jeez!