> Tons of people have used our domain name servers without permission.
I periodically audit the zones which claim to be served here. For those
which have been delegated lamely, I create a *primary* zone
How do you find them all? You could check your DNS logs for lame
delegations and collect a list, but that's not all that great.
I agree that the Internic should check nameservers before putting up a
domain, even though it's more resource intensive. In addition to
controlling speculators, it might just prevent or at least detect
honest mistakes.
The CA-Domain registration authority used to do this but I don't think
they do it anymore.
While they're at it, I should be able to NAK a registration or domain
modification so that it is cancelled if I don't want it on my nameservers.
-Phil
Get your nameserver's NIC handle (for example, my own
ns.cybernothing.org is NS21329-HST), and try:
whois "server NS21329-HST"
This'll give you a list of up to 256 domains registered on
that nameserver. If you have more, I hear the 'NIC will
give you a list if you ask.
had this to say about "Re: Broken domain statistics...":
> > Tons of people have used our domain name servers without permission.
>
> I periodically audit the zones which claim to be served here. For those
> which have been delegated lamely, I create a *primary* zone
How do you find them all? You could check your DNS logs for lame
delegations and collect a list, but that's not all that great.
You can find the first 256 domains registered to your DNS by using the
command:
whois "server <server-handle>" where server-handle is the handle
assigned to your DNS host by InterNIC.
I agree that the Internic should check nameservers before putting up a
domain, even though it's more resource intensive. In addition to
controlling speculators, it might just prevent or at least detect
honest mistakes.
In the latest domain-dispute policy to go into effect on the 25th,
the document states in part:
8.The requirement for operational service from two DNS servers has been
deleted.
The CA-Domain registration authority used to do this but I don't think
they do it anymore.
While they're at it, I should be able to NAK a registration or domain
modification so that it is cancelled if I don't want it on my nameservers.
Except for the fact that BEFORE-USE still hasn't been implemented 
In fact, I've often received the "Please ACK/NAK this request" letter
*AFTER* receiving a message saying "Registration for the domain name shown
below has been completed." NAK's rarely work in these cases unless I make
a phone call to stop it.
Registration/delegation of domains here (i.e. com.au, net.au) requires the
servers to be functional beforehand ... they are checked at form submission
... of course you can always pull it down later ...
Damien
Additionally there is a problem where the InterNIC refuses to remove DNS
entries even when the DNS site requests it. For example:
# whois cyberpromo.com
Cyber Promotions, Inc (CYBERPROMO-DOM)
8001 Castor Avenue Suite #127
Philadelphia, PA 19152
US
Domain Name: CYBERPROMO.COM
Administrative Contact, Technical Contact, Zone Contact:
Wallace, Sanford (SW1708) domreg@CYBERPROMO.COM
215-628-9780
Billing Contact:
Wallace, Sanford (SW1708) domreg@CYBERPROMO.COM
215-628-9780
Record last updated on 24-Jan-97.
Record created on 26-Apr-96.
Database last updated on 12-Feb-98 04:16:59 EDT.
Domain servers in listed order:
NS7.CYBERPROMO.COM 205.199.2.250
NS5.CYBERPROMO.COM 205.199.212.50
NS8.CYBERPROMO.COM 207.120.46.30
NS9.CYBERPROMO.COM 209.40.15.21
# whois 205.199.2.0
AGIS/Net99 (NETBLK-NET99-BLK4)
3601 Pelham
Dearborn, MI 48124
Netname: NET99-BLK4
Netblock: 205.198.0.0 - 205.199.255.0
Maintainer: AGIS
# whois 207.120.46.0
New Mellenium Cafe (NETBLK-NEW-MEL) NEW-MEL 207.120.46.0 -
207.120.46.63
Both AGIS and New Millenium would glady have the entries dropped if they
could. Particularly since New Millenium is not able to use the
207.120.46.30 to date due to anti-spam attacks
Phillip Vandry <vandry@Mlink.NET> writes:
How do you find them all? You could check your DNS logs for lame
delegations and collect a list, but that's not all that great.
NSI used to make the root zone files freely available via FTP; they are
still up for FTP, but not without restriction. You can apply to NSI to
get a login and password to FTP into the restricted zone host; if you
have a decent justification for why you need the data, you can obtain
one without much trouble.
Once you have the root zone files, you can list all of the domains
registered on your nameservers; I have a small set of perl scripts
that massage the data into a more usable format. I've been meaning
to tar them up and make them available for a while now. Or roll
your own, it's not particularly difficult.
[ ... ]
While they're at it, I should be able to NAK a registration or domain
modification so that it is cancelled if I don't want it on my nameservers.
According to the original Guardian paper, setting the BEFORE-USE
attribute on a host record would require the nameserver admin to ACK
every domain registration before their nameserver could be listed for
that domain. However, the BEFORE-USE attribute has never been implemented
for contacts or host records.
When the issue was raised on guard-talk@internic long long ago, an NSI rep
explained that BEFORE-USE was never implemented because ``there was no
consensus from the community that we should implement BEFORE-USE'', and
because they were ``afraid that people would erroneously set BEFORE-USE
on their nameservers or contacts and be deluged with mail requesting
ACKs on new domain registrations, and new domain registrations would
get slowed down, and the queues would back up forever'' (paraphrased).
I may actually still have that thread in an old guard-talk mailbox,
I should dig it up.
That brings up another question. What can/should be done with such
"tainted" IP space? Who in their right mind would want space previously
used by Cyberpromo? It's almost as if they destroyed the IP space they
used.