mailing list archive
"G. L. `Griz' Inabnit" (griz@coinet.com)
Thu, 21 Oct 1999 10:15:58 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hot Damn!!
Leave it to Gert to turn on more lights in one single E-mail than all
of the nasty books I've been reading!!!
[rant]
Gert!!, Thank You Very Much for this SUPERB piece of tutelage! I have
been reading on how to "back-track" bad sites/IP's, but hadn't gotten ANYWHERE
near this close, this quickly, ever!! :--) I sure do hope I can meet you when
you are over here!! You're a damn fine teacher! Keep up the Good Work(s). :--)
[/rant]
G. L. `Griz' Inabnit
p.s. I know this is "off the beaten path:" for this news-group, but I just had
to respond. I'll go back to lurking now. :--)
On Thu, 21 Oct 1999, you wrote:
> <Hi,
> <
> <On Wed, Oct 20, 1999 at 05:11:40PM +0200, Jason Hoffman (EUS) wrote:
> <> I have the same problem. My DNS resolves eli.elilabs.com but not www.elilabs.com <http://www.elilabs.com> . I know it's been that way for a couple of weeks now.
> <
> <Same here:
> <
> <gert@greenie:/u/gert$ host www.elilabs.com
> <Host not found.
> <gert@greenie:/u/gert$ host eli.elilabs.com
> <eli.elilabs.com has address 204.248.49.62
> <
> <(btw: there's an MX record missing here)
> <
> <OK, so let's look at the problem's source...
> <
> <gert@greenie:/u/gert$ dig @eli.elilabs.com elilabs.com soa
> <...
> <;;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> <...
> <eelilabs.com. 1D IN SOA elilabs.com. root.elilabs.com. (
> < 991020 ; serial
> <...
> <;;; AUTHORITY SECTION:
> <elilabs.com. 1D IN NS eli.elilabs.com.
> <
> <ok, so "eli" thinks it's authoritative name server (and the only one,
> <which is ugly in itself) for "elilabs.com".
> <
> <
> <Querying "eli" for "www.elilabs.com" gives the following:
> <
> <gert@greenie:/u/gert$ dig @eli.elilabs.com www.elilabs.com any
> <...
> <;;; ANSWER SECTION:
> <www.elilabs.com. 1D IN CNAME eli.elilabs.com.
> <
> <;; AUTHORITY SECTION:
> <elilabs.com. 1D IN NS eli.elilabs.com.
> <
> <;; ADDITIONAL SECTION:
> <eli.elilabs.com. 1D IN A 204.248.49.62
> <
> <
> <So, it seems that my DNS queries go to the wrong host. So what has
> <Internic to say about this?
> <
> <$ whois -h whois.internic.net elilabs.com
> < Domain Name: ELILABS.COM
> <
> < Administrative Contact:
> < Brown, Robert (RB6319) postmaster@ELILABS.COM
> < (847) 705-0424 (FAX) (847) 705-3976
> <...
> < Domain servers in listed order:
> <
> < NS1.XNET.COM 198.147.221.34
> < NS2.XNET.COM 198.147.221.35
> <
> <
> <... which isn't really the same set of name servers... Now, let's query
> <nns1.xnet.com (which is what my DNS client will do):
> <
> <gert@greenie:/u/gert$ dig @ns2.xnet.com www.elilabs.com
> <...
> <;;; ANSWER SECTION:
> <www.elilabs.com. 1D IN CNAME eli.elilabs.com.
> <eli.elilabs.com. 1D IN A 204.248.49.62
> <
> <Hmmm. Those *do* have the correct answer. Nevertheless:
> <
> <gert@greenie:/u/gert$ host www.elilabs.com
> <Host not found.
> <
> <OK. Now let's go the hard way: ask the root name servers, and go step by
> <step...
> <
> <gert@greenie:/u/gert$ dig @a.root-servers.net elilabs.com ns
> <[..]
> <;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> <;; AUTHORITY SECTION:
> <COM. 1D IN SOA A.ROOT-SERVERS.NET. hostmaster.internic.NET. (
> <[..]
> <
> <Now this is interesting. This name server (a.root-servers.net) is *the*
> <authoritative server for .COM, but it claims "there are no NS records for
> <elilabs.com". So it seems that elilabs.com isn't properly delegated to
> <ns1.xnet.com / ns2.xnet.com at all, but instead, the stuff is contained in
> <the .COM zone itself:
> <
> <gert@greenie:/u/gert$ dig @a.root-servers.net eli.elilabs.com any
> <[..]
> <;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 12, ADDITIONAL: 12
> <;; QUERY SECTION:
> <;; eli.elilabs.com, type = ANY, class = IN
> <
> <;; ANSWER SECTION:
> <eli.elilabs.com. 2D IN A 204.248.49.62
> <
> <And indeed, that seems to be the case. Internic has put the "eli"
> <record into the .com zone itself, and not delegated elilabs.com properly
> <to the nameservers they list in their own databse. Ugh.
> <
> <And now, for the last test...
> <
> <gert@greenie:/u/gert$ dig @a.root-servers.net www.elilabs.com any
> <[..]
> <;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10
> <;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> <;; QUERY SECTION:
> <;; www.elilabs.com, type = ANY, class = IN
> <
> <this means "I am authoritative for this question (aa), it's NOT delegated
> <to a different set of nameserver, and there is NO such entry (NXDOMAIN)".
> <
> <
> <
> <Sooo... what this lengthy posting means is that either InterNIC or the ISP
> <that manages the elilabs.com domain for you has goofed massively, and "the
> <world" has a completely different view of elilabs.com than your system and
> <the XNET.COM name servers.
> <
> <(In addition, the zone isn't setup too well - the NS records do not
> <match the actual set of name servers, the MX records are missing, the
> <contact information in the SOA looks unhealthy, 192.168.x addresses
> <shouldn't be visible world-wide. But that's off-topic for the mgetty
> <list - it's just my business hat speaking...).
> <
> <gert
> <--
> <USENET is *not* the non-clickable part of WWW!
> < //www.muc.de/~gert/
> <Gert Doering - Munich, Germany gert@greenie.muc.de
> <fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de
--
If LINUX rox,
then KDE rulz!
------------------------------------------------
M$ Windoz 98.....
A 32 bit extension and a graphical shell for a 16 bit patch to
an 8 bit operating system originally coded for a 4 bit microprocessor,
written by a 2 bit company that can't stand 1 bit of competition!!
In a world without fences, who the hell needs Gates??
Always remember, and never forget;
Windoz were made to be broken!!
M$ Windoz, brought to you by the Gates of Hell!
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: FNRRn/MSyVHyYVl1VTFVGUI7/gi2ChZ9
iQA/AwUBOA8+DQhnWicv+0tKEQLFRACggXpYS82rKlwBM5n8DJXc7zS1XmcAoNb/
Qjo7z+BHNA9qtujDE9wzG8R8
=EGSx
-----END PGP SIGNATURE-----