DNS hijack?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Nov 12 19:27:39 UTC 2021
On Thu, Nov 11, 2021 at 09:44:04PM +0000,
Richard <lists-nanog at listmail.innovate.net> wrote
a message of 37 lines which said:
> The second of these is returning the 208.nnn IPnumber for your
> a-record:
>
> dig @VOYAGER.VISER.NET 2dpnr.org
>
> 2dpnr.org. 300 IN A 208.91.197.132
It depends on where you are (from my resolver, I get
64.130.197.11). This is because the name voyager.viser.net is not
stable yet. Depending on your resolver, it points to 64.130.200.16 -
which seems to give correct answers - or to 208.91.197.132 - which
replies even for nonexisting domain names.
Lesson: don't use a name as an argument to dig's @
More information about the NANOG
mailing list