The server sucks. Who the fuck runs a "root nameserver" with open things like this? Open telnet, SMAIL on mail, and small-tcp (ATTACKABLE) services like chargen, echo, discard, Please. www3% telnet 199.5.157.5 Trying 199.5.157.5... Connected to 199.5.157.5. Escape character is '^]'. BSDI BSD/386 1.1 (NS2.NIC.EARTH) (ttyp1) login: ^DConnection closed by foreign host. www3% telnet 199.5.157.5 25 Trying 199.5.157.5... Connected to 199.5.157.5. Escape character is '^]'. 220 NS2.NIC.EARTH Smail3.1.28.1 #17 ready at Sat, 23 Nov 96 16:48 WET quit 221 NS2.NIC.EARTH closing connection ^PConnection closed by foreign host. www3% telnet 199.5.157.5 chargen Trying 199.5.157.5... Connected to 199.5.157.5. Escape character is '^]'. !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg ^] telnet> q Connection closed. www3% telnet 199.5.157.5 echo Trying 199.5.157.5... Connected to 199.5.157.5. Escape character is '^]'. ^] telnet> q Connection closed. www3% telnet 199.5.157.5 discard Trying 199.5.157.5... Connected to 199.5.157.5. Escape character is '^]'. ^] telnet> q Connection closed.
When history is made on the Internet, it is important to briefly pause to recognize the event, and then move forward.
Yes, that event will be celebrated world wide: The Day that Jim Fleming Left the Internet. We'll call it Ex-Jim Day.
1. First and foremost, this appears to be the first, public access, Root Name Server which operates as a TRUE NON-RECURSIVE Root Server [2]. This is a requirement which is part of the new root name server guidelines which are being discussed by the IETF and other engineering groups. The 9 "popular" root name servers use by many ISPs do NOT meet these guidelines and resolve second level names.[3]
It's their JOBS to resolve second level names, idiot. What do you think would happen if every time you queried for "unety.net NS" it just returned *.root-servers.net nameservers? Wouldn't get you very far.
True root name servers should do nothing but return references to TLD Name Servers [2], to reduce the scope of their control and their overall load.
.. and increase the amount of DNS traffic.
2. The official name of this root name server is...NS2.NIC.EARTH. Because of the growing availability of access to the new Top Level Domains, such as .EARTH, it seems appropriate to begin naming the new Root Name Servers with the newly available names.
"growing availability to new TLDs" or "the growing number of people who think they own a TLD when it's nothing more than vapor?"
3. This Root Name Server can be added to the growing collection of Root 64 Name Servers which can be freely used by ISPs in their "root.cache" files. Because this Root Name Server is supported by a commercial enterprise, and not a hodge podge of volunteers (or the U.S. Government), ISPs can use this Root Name Server to help bring added stability and performance to their systems. [4] [5]
Nah. I'll stick with mine. Thanks.
As has been proven over and over during the past year, new commercial Top Level Domains are a reality along with new commercial Root Name Servers. The business community is rising to the challenge of building a better, more complete, and better engineered Internet now that the research and development is largely over.
Even if you get 10,000 sysadmins to change their root.cache file, you will still be unreachable to 90% of the Internet unless you get the *.root-servers.net servers to officially recognize you.
More commercial Root Name Servers are being installed and tested.
Apparently AGN's wasn't one of them. It's a security hole waiting to happen. The last thing I want is some moron hacking into a server that I refer to as a root nameserver, changing the data, and giving my customers false information. Too much risk.
@@@@@@ [1] @@@@@@@@@
Result of: whois 199.5.156
Oh boy, i can 'whois'
The American Global Network, Inc. (NETBLK-RABBIT2)
IT'S R@BB1T.N3T!!@#!@#&!@#%!@%
@@@@@@ [3] @@@@@@@@@
Result of: dig @a.root-servers.net mcs.com any
; <<>> DiG 2.1 <<>> @a.root-servers.net mcs.com any ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10 ;; flags: qr rd; Ques: 1, Ans: 2, Auth: 2, Addit: 2 ;; QUESTIONS: ;; mcs.com, type = ANY, class = IN
;; ANSWERS: mcs.com. 172800 NS CEREBUS.mcs.com. mcs.com. 172800 NS KITTEN.mcs.com.
You don't understand the recursion flag, do you? Tell me, Jim, what would happen if you were right: What would happen if the root servers did not have an 'options no-recursion' option in the bootfile? (or, as your limited knowledge thinks, "named -r"?) Think, Jim. Think really hard. *.root-servers-net are "primary" nameservers for SLD's in the .COM zone. If you queried a root-servers.net nameserver for "mcs.com any" and got back a list of nameservers, you'd theoretically NEVER be able to get MCS.COM records. Here is how you test recursion: dig @a.root-servers.net some-hostname.xyz.com where 'some-hostname.xyz.com' is NOT a listed host for any domains. Here's proof. (aroot is a nickname for a.root-servers.net btw) ns1% dig @aroot news.multiverse.com. any ; <<>> DiG 2.2 <<>> @aroot news.multiverse.com. any ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10 ;; flags: qr rd; Ques: 1, Ans: 0, Auth: 5, Addit: 5 ;; QUESTIONS: ;; news.multiverse.com, type = ANY, class = IN ;; AUTHORITY RECORDS: MULTIVERSE.COM. 172800 NS A.DNS.MULTIVERSE.COM. MULTIVERSE.COM. 172800 NS NS2.OAR.NET. MULTIVERSE.COM. 172800 NS NS1.AMERICA.COM. MULTIVERSE.COM. 172800 NS STORM.LIGHTNING.NET. MULTIVERSE.COM. 172800 NS IN-ADDR.ARPA.COM. ;; ADDITIONAL RECORDS: A.DNS.MULTIVERSE.COM. 172800 A 207.170.128.10 NS2.OAR.NET. 172800 A 192.88.195.10 NS1.AMERICA.COM. 172800 A 206.125.236.11 STORM.LIGHTNING.NET. 172800 A 206.148.240.3 IN-ADDR.ARPA.COM. 172800 A 207.170.140.2 ;; Total query time: 76 msec ;; FROM: ns1 to SERVER: aroot 198.41.0.4 ;; WHEN: Sat Nov 23 16:52:44 1996 ;; MSG SIZE sent: 37 rcvd: 259 --- If this nameserver were recursive, it would have given me the "A" record for news.multiverse.com. But it didn't. Again proving that you don't know what you're talking about. Here's a server with recursion on: ns1% dig @ns.unety.net. news.multiverse.com a |more ; <<>> DiG 2.2 <<>> @ns.unety.net. news.multiverse.com a ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10 ;; flags: qr rd ra; Ques: 1, Ans: 1, Auth: 7, Addit: 7 ;; QUESTIONS: ;; news.multiverse.com, type = A, class = IN ;; ANSWERS: news.multiverse.com. 3597 A 207.170.128.13 ;; AUTHORITY RECORDS: MULTIVERSE.COM. 110501 NS A.DNS.MULTIVERSE.COM. MULTIVERSE.COM. 110501 NS NS2.OAR.NET. MULTIVERSE.COM. 110501 NS NS1.AMERICA.COM. MULTIVERSE.COM. 110501 NS STORM.LIGHTNING.NET. MULTIVERSE.COM. 110501 NS IN-ADDR.ARPA.COM. MULTIVERSE.COM. 3597 NS b.DNS.MULTIVERSE.COM. MULTIVERSE.COM. 3597 NS ns1.OAR.NET. ;; ADDITIONAL RECORDS: A.DNS.MULTIVERSE.COM. 156753 A 207.170.128.10 NS2.OAR.NET. 167647 A 192.88.195.10 NS1.AMERICA.COM. 110507 A 206.125.236.11 STORM.LIGHTNING.NET. 110507 A 206.148.240.3 IN-ADDR.ARPA.COM. 110507 A 207.170.140.2 b.DNS.MULTIVERSE.COM. 156753 A 207.170.128.11 ns1.OAR.NET. 167647 A 192.88.193.144 ;; Total query time: 26 msec ;; FROM: ns1 to SERVER: ns.unety.net. 207.32.128.1 ;; WHEN: Sat Nov 23 16:54:33 1996 ;; MSG SIZE sent: 37 rcvd: 341 Your nameserver! Please read up on how DNS works and then come back. Until then, go back to your playpen. -- jamie g.k. rishaw | work: jamie@multiverse.com | home: jamie@arpa.com url-free sig file | multiverse corporate support| work tel: 216 771 0002 "I'm a doctor, not a doorstop!" -EMH, "Star Trek: First Contact"
participants (1)
-
jamie@dilbert.multiverse.com