Re: DNS Attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bruno Wolff III wrote:

The only real delay when adding something new is getting the registered servers for a domain into the root servers. These should be the ones

Generally you mean the appropiate TLD servers as most newly registered
domains don't go into the root servers.

I guess things have changed - .com at least used to be known directly by the roots. Anyway, a query for an unknown domain has to start at the root servers and will resolve as soon as they know where to send it.

listed in the whois lookup. There is a time-to-live associated with the addresses, so existing names may linger with the wrong addresses, though.

And some ISPs have been known to fudge these to be longer than what they
are to cut down on queries. This breaks things like djbdns' feature of
having the ttl count down as a cutover time is approached.

And worse, applications may cache them for as long as they run.

--
  Les Mikesell
   lesmikesell@xxxxxxxxx

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux