MoinQ:

1. DNS/lame delegation

1.1. lame delegation は乗取の危険があります

DNS/lame_delegationを見てください。 Bard は 「ラメ委任」と呼んでいる。

xserver も危ない。 https://x.com/beyondDNS/status/1622838426461687808?s=20

Risky BIZness: risks derived from registrar name management https://dl.acm.org/doi/10.1145/3487552.3487816

ABSTRACT

In this paper, we explore a domain hijacking risk that is an accidental byproduct of 
undocumented operational practices between domain registrars and registries.
We show how over the last nine years over 512K domains have been implicitly exposed
to the risk of hijacking, affecting names in most 
popular TLDs (including .com and .net) as well as legacy TLDs with tight registration control 
(such as .edu and .gov).

Moreover, we show that this weakness has been actively exploited by multiple parties who,
over the years, have assumed control over 163K domains without having any 
ownership interest in those names. 

In addition to characterizing the nature and size of this problem, 
we also report on the efficacy of the remediation in response to our outreach with registrars.

Gautam Akiwate, Mattijs Jonker, Raffaele Sommese, Ian Foster, Geoffrey M. Voelker, Stefan Savage, and KC Claffy. 2020.
Unresolved Issues: Prevalence, Persistence, and Perils of Lame Delegations.
In Proceedings of the ACM Internet Measurement Conference (IMC). Virtual Event.Google ScholarDigital Library


Eihal Alowaisheq, Siyuan Tang, Zhihao Wang, Fatemah Alharbi, Xiaojing Liao, and XiaoFeng Wang. 2020.
Zombie Awakening: Stealthy Hijacking of Active Domains through DNS Hosting Referral.
In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS). Virtual Event.Google Scholar

Zhang M, Li X, Liu B, Lu J, Zhang Y, Chen J, Duan H, Hao S and Zheng X. (2023). Detecting and Measuring Security Risks of Hosting-Based Dangling Domains. Proceedings of the ACM on Measurement and Analysis of Computing Systems. 7:1. (1-28). Online publication date: 27-Feb-2023.

Akiwate G, Sommese R, Jonker M, Durumeric Z, Claffy K, Voelker G and Savage S. Retroactive identification of targeted DNS infrastructure hijacking. Proceedings of the 22nd ACM Internet Measurement Conference. (14-32).

1.2. サブドメインゾーンのNSを上位登録するのも危険です

状況: 親ドメイン名の問い合わせに対しては委譲登録されているNSはREFUSEDを返す。

登録の間違いの可能性はあるが、乗取を疑う。-- ToshinoriMaeno 2020-06-07 23:42:15

-- ToshinoriMaeno 2020-06-07 23:42:15

MoinQ: DNS/lame delegation (last edited 2024-11-28 22:03:23 by ToshinoriMaeno)