Yesterday, Paul Venezia, author of the Infoworld blog “The Deep End” wrote a post questioning whether our DNS servers were hacked. Paul writes:
“I was just hipped to the fact that two DNS servers apparently operated by Network Solutions aren’t returning valid results for some domains, notably www.google.com…”
Firstly and most importantly, we need to state that our nameservers have not been hacked, nor are our systems prone to the DNS cache poisoning flaw recently in the news.
Secondly, our nameservers are designed and intended to only be authoritative nameservers for domain names that we specifically manage for our customers. If our nameservers receive a DNS query for a domain name for which they are not authoritative, our nameservers will not recurse and will not provide accurate results.
However, this should not be an issue because our nameservers referenced in Paul’s posting should not be configured as a default (resolver) for client systems. For example, one would not configure our nameservers as the default resolvers on Paul’s “mba” system (see his examples), so authoritative only behavior shouldn’t be a problem.
Thirdly, this type of authoritative-only behavior is common practice throughout the industry. For example, query one of GoDaddy’s nameservers or one of SEDO’s nameservers and you’ll get the same result.
We respect InfoWorld and Paul, but it’s important to research and confirm the facts before simply stating an opinion. And in this case throwing the word hacked out there without proper homework seemed a little off kilter and unnecessarily causes false alarms when there is no need for them.Google+