Path: utzoo!attcan!uunet!tut.cis.ohio-state.edu!cis.ohio-state.edu!karl_kleinpaste
From: karl_kleinpaste@cis.ohio-state.edu
Newsgroups: comp.protocols.tcp-ip.domains
Subject: A plea for care when faking top-level domains
Message-ID:
Date: 18 Jul 90 13:18:53 GMT
Sender: news@tut.cis.ohio-state.edu
Organization: Ohio State Computer Science
Lines: 70

I know that, periodically, people have a need to fake a top-level
domain for one reason or another. No real argument with that;
sometimes it seems to make sense.

But it becomes a real problem when the bogus information bleeds
outside of your own domain. In poking at my nameservers for
nic.ddn.mil, the authority section contained the following
fascinating set of purported root servers:

| For authoritative answers, see:
| .       0       IN      NS      NS.NIC.DDN.MIL
| .       0       IN      NS      NS.NASA.GOV
| .       0       IN      NS      TERP.UMD.EDU
| .       0       IN      NS      A.ISI.EDU
| .       0       IN      NS      AOS.BRL.MIL
| .       0       IN      NS      GUNTER-ADAM.AF.MIL
| .       0       IN      NS      C.NYSER.NET
| .       0       IN      NS      munnari.OZ.AU
| .       0       IN      NS      localhost

Ahem. Munnari should not be there, and I assure you that I'm making
no attempt to arrogate root server status to myself. The TTLs leave
me feeling kinda woozy.

Bunches of my nameservers are infected with this information, even
some of my slave servers doing nothing but serving workstation subnets.
All four of my primary nameservers have it; three of those four also
have more than one SOA RR for `.'; and one of those has no less than
FIVE, two of which are bogons:

.       85638   IN      SOA     NS.NIC.DDN.MIL HOSTMASTER.NIC.DDN.MIL(
                900716          ;serial (version)
                1800            ;refresh period
                300             ;retry refresh this often
                604800          ;expiration period
                86400           ;minimum TTL
                )
.       68523   IN      SOA     NS.NIC.DDN.MIL HOSTMASTER.NIC.DDN.MIL(
                900712          ;serial (version)
                1800            ;refresh period
                300             ;retry refresh this often
                604800          ;expiration period
                86400           ;minimum TTL
                )
.       12367   IN      SOA     NS.NIC.DDN.MIL HOSTMASTER.NIC.DDN.MIL(
                900709          ;serial (version)
                1800            ;refresh period
                300             ;retry refresh this often
                604800          ;expiration period
                86400           ;minimum TTL
                )
.       10357   IN      SOA     Himmelsborg.dna.lth.se hostmaster.sunic.sunet.se(
                1990070502      ;serial (version)
                28800           ;refresh period
                7200            ;retry refresh this often
                604800          ;expiration period
                86400           ;minimum TTL
                )
.       12562   IN      SOA     nic.nordu.net hostmaster.nic.nordu.net(
                900702          ;serial (version)
                28800           ;refresh period
                7200            ;retry refresh this often
                604800          ;expiration period
                86400           ;minimum TTL
                )

Mental violence manifested before us all. Yowza.

If it matters, I'm running UToronto BIND 4.8.2 on assorted Pyramids.

Prettyplease, be careful when you do this sort of thing...

--karl
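
Added example, not part of the original post: a small audit over a nameserver dump that flags the symptoms described above (unexpected NS names for `.', zero TTLs, and more than one SOA for `.'). The function name, finding labels and abridged sample are constructed here; the expected root set is an assumption, taken as the NS names in the post minus the two the author disowns.

```python
# Added example: audit cached root-zone records for entries that should not
# be there. SAMPLE is constructed, abridged from the records quoted in the post.
import re

# Assumption: legitimate roots are the NS names listed in the post other
# than munnari.OZ.AU and localhost, which the author says do not belong.
EXPECTED_ROOTS = {
    "ns.nic.ddn.mil", "ns.nasa.gov", "terp.umd.edu", "a.isi.edu",
    "aos.brl.mil", "gunter-adam.af.mil", "c.nyser.net",
}

# owner, TTL, class IN, type, first rdata field (NS target or SOA MNAME)
RR = re.compile(r"^\|?\s*(\S+)\s+(\d+)\s+IN\s+(NS|SOA)\s+([^\s(]+)", re.I)

def audit_root_records(dump, expected=EXPECTED_ROOTS):
    """Return a list of (kind, detail) findings for records owned by '.'."""
    findings, soa_mnames = [], []
    for line in dump.splitlines():
        m = RR.match(line.strip())
        if not m or m.group(1) != ".":
            continue  # not a root-owned NS/SOA line (e.g. SOA continuation)
        ttl, rtype = int(m.group(2)), m.group(3).upper()
        target = m.group(4).rstrip(".").lower()
        if rtype == "NS":
            if target not in expected:
                findings.append(("unexpected-root-ns", target))
            if ttl == 0:
                findings.append(("zero-ttl", target))
        else:
            soa_mnames.append(target)
            if target not in expected:
                findings.append(("foreign-root-soa", target))
    if len(soa_mnames) > 1:  # a cache should hold one SOA for the root
        findings.append(("multiple-root-soa", str(len(soa_mnames))))
    return findings

SAMPLE = """\
| .  0  IN  NS  NS.NIC.DDN.MIL
| .  0  IN  NS  munnari.OZ.AU
| .  0  IN  NS  localhost
.  85638  IN  SOA  NS.NIC.DDN.MIL HOSTMASTER.NIC.DDN.MIL(
.  10357  IN  SOA  Himmelsborg.dna.lth.se hostmaster.sunic.sunet.se(
.  12562  IN  SOA  nic.nordu.net hostmaster.nic.nordu.net(
"""

if __name__ == "__main__":
    for kind, detail in audit_root_records(SAMPLE):
        print(f"{kind:20} {detail}")
```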