> In the past month or so I've run across two separate ISPs that are
> apparently polluting the DNS by returning A records in cases where the
> authoritative server would either return NXDOMAIN or no answers. The A
> records generally point to an HTTP server that will display
> advertisements, but I've also seen more sinister things happen.
>
> Is there anything that IETF as an organization, or IETF participants,
> can do to discourage this? To me this is fraud and unfair trade
> practice in addition to being a security threat (as people give their
> passwords when trying to connect to the wrong site) and harmful to
> applications (either because they do connect to a protocol engine on the
> wrong server, or they try to connect to a nonexistent protocol engine on
> the wrong server and treat the "connection refused" or "connection timed
> out" condition as a temporary error). I've also seen this break
> applications that speak both IPv4 and IPv6 by failing to return the AAAA
> records.
>
> I'm willing to write a draft explaining in detail why this is harmful,
> but somehow I think it will take more than just an RFC to get this
> practice stopped.
>
> Keith
This is very similar to the situation covered by RFC 1535.
Network Working Group E. Gavron
Request for Comments: 1535 ACES Research Inc.
Category: Informational October 1993
A Security Problem and Proposed Correction
With Widely Deployed DNS Software
In that case it was a bad search list. You got a response
you wern't expecting.
The correct response for a name that does not exist on
the Internet is Name Error. Any ISP that returns anything
else is committing fraud. They are not providing the product
that they advertised.
If my ISP in Australia tries this I will be contacting ACCC
http://www.accc.gov.au/ if I happen to notice. I run my own
nameservers.
Note: I don't consider that this covers signin screens as you
havn't at that point reached a agreement to provide Internet
access.
Mark
> _______________________________________________
> Ietf mailing list
> Ietf@ietf.org
> https://www1.ietf.org/mailman/listinfo/ietf
--
ISC Training! October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP. Email [EMAIL PROTECTED]
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
