RE: Possible login/password grabbing ploy

On Mon, May 11, 1998, Joe Provo - Network Architect <> quoth:

Nothing at the real provider's home base, INSTANET.COM, reveals anything
of interest. Some kook thinking he can auction off typo domains?

Heey! I feel special!

bash-2.00$ host A
bash-2.00$ host A
bash-2.00$ host A

Think you are special? Wonder how The B&N (can't even spell it now after
looking at the variants they registered) book sellers must feel.



To see some of what these folks have registered.

Sadly that will only return 256 entries. The Internic claims to have not
given out the entire DNS database since March. Anyone know otherwise, or
how to quickly get WHOIS to return more than 256 entries on a

If you have a password you can get it (they give 'em out to
  people who ask.)

# If you have a password you can get it (they give 'em out to
# people who ask.)

Who do I ask? :wink:


_____ ___ ___

_ _| _ ) __| James W. Brinkerhoff <,>

  > > > _ \ _| TBE Network Security Administrator
Key fingerprint = 0E DA 27 39 91 1E B6 29 A4 D2 5E E5 FD 3B F4 3C
"There are two major products that come out of Berkeley: LSD and UNIX.
   We don't believe this to be a coincidence." - Jeremy S. Anderson

  (BTW, this is in the archives.)

I have asked four times and never even gotten an answer

J.D. Falk wrote:

Only if they chose to believe you have a good enough reason for wanting
them. I wanted them for what I thought was a totally legit purpose...we
were preparing to renumber, and as part of the task of renumbering, I
wanted to compile a list of all domains for which we're supposed to be
authorative. I was told "that's not good enough...send us the DNS server
info, we'll run the search and let you know how it turns out." I did so,
and never heard back.

The renumbering is now done...and I never did get to compile a list of all
the domains we're lame for.

The renumbering is now done...and I never did get to compile a list of all
the domains we're lame for.

we had a similar problem when we were switching off the machine formerly known
as, which seemed to have been a server for most of the UK's
DNS at some time, as well as being a resolver for pretty much everyone.

Nominet were helpful in providing a list of all domains which in theory it was
supposed to be primary or secondary for, but it didn't help where where other
delegations were made to it, such as .com and .org, and the was a

What we did in the end was to use TCPDUMP with a big packet length, dumped it
to a file, so that it showed the DNS transactions, and some judicious awk
hackery allowed us to see what it was being asked for, what zone transfers
worked and who was resolving off it.

We managed to stop most of the resolving, and eventually turned off recursion
to put an end to that!

When the deadline was reached to turn it off, we'd gotten the number of zones
down from many hundreds to perhaps a couple - just the ones where the TLD
delegations were untraceable or hopelessly broken.


We went through the same thing with them. The instructions at are incorrect (at last viewing) -> NSI bulletin 097-003

Zone file access and say send an

e-mail to This is not correct. You must send an
e-mail to with the information requested in the
bulletin. I told them about this error back in mid-February.

Moreover, they weren't granting access to anyone for awhile (thanks for
telling us); apparently, they weren't comfortable with some aspect of the
access process. After a month or two of waiting, they granted me access.

Meanwhile, I called them and got them to run a database dump of each of my
NS hosts, and I used the dump to check for lame delegations. The database
dump doesn't have the 256 host limit.

It turns out that the database dump is actually more useful than the zone
file access. It would be really nice if they'd 1) do away with the 256
host limit, and/or 2) provide an interface to the database that would allow
you to check the data on your hosts.



If that wasn't a good enough reason, then I submit that the person in
administrative control of that process knows nothing whatever about the
Internet, and should be relieved of that responsibility, if not their
job, immediately.

It casts serious doubt on NetSol's fitnes to operate a registry, as
well, I think.

Can you tell I'm not in a good mood right now?

-- jra