Is this a DNS security hole?
Ian Bedson
ianb at remove-to-reply.hp.com
Tue May 4 02:12:07 UTC 2004
On Mon, 03 May 2004 10:31:29 -0400, William Stacey [MVP] wrote:
> I would notify Register.com of this. They should not be putting this glue
> record in without checking with the victim.com domain owner.
Hi Everyone,
Interestingly I just tried to use the Register.com GUI to change the DNS
servers for one of my domains. The new DNS servers are not in the same
domain as the one I was modifying. The GUI would not allow me to do this.
I got an error message when I tried to use the URL in the email
confirmation message.
I have been told by their customer assistance people that I can now only
use DNS servers that are in the same domain as the one that I am updating.
By the way my previous DNS servers were not in the same domain either, and
I didn't have any problems updating my domain before. So this is obviously
a new policy that they have adopted.
Regards,
Ian
More information about the bind-users
mailing list