1. DNS/ManagedDNS

/GoDaddy   /NS1   /awsdns   /cloudflare   /google   /業者  

Contents

  1. DNS/ManagedDNS
    1. 任意のゾーンを作らせる
    2. Can I Take Over DNS?
    3. orphaned
    4. Vulnerability

日本語だと「DNS運用サービス」というあたりか。DNS/共用DNSサービスもだいぶ定着した。

https://en.wikipedia.org/wiki/List_of_managed_DNS_providers

Managed DNS Services Overview https://www.trustradius.com/managed-dns

1.1. 任意のゾーンを作らせる

かつてのさくらや現在のRoute53のように、サブドメインのゾーンを作らせるサービスもある。

委譲を残したまま、ゾーンを抹消しているものも多い。(awsdnsに多い。)-- ToshinoriMaeno 2023-01-18 00:30:14

1.2. Can I Take Over DNS?

A list of DNS providers and whether their zones are vulnerable to DNS takeover! Maintained by

https://github.com/indianajson/can-i-take-over-dns

DNS/floating_domains で名前の上がっている危険なサービス

DigitalOcean, Route53,

GoDaddy: https://arstechnica.com/information-technology/2019/01/godaddy-weakness-let-bomb-threat-scammers-hijack-thousands-of-big-name-domains/

Cloudflare

Subdomain Takeover: Going beyond CNAME https://0xpatrik.com/subdomain-takeover-ns/ ns_automation-2.png https://github.com/indianajson/can-i-take-over-dns

マネージドサービス時代のDNSの運用管理について考える 2021年7月9日 Internet Week ショーケース オンライン 2021 株式会社日本レジストリサービス(JPRS) 森下 泰宏 Copyright © 2021 株式会社日本レジストリサービス 1 ~ DNSテイクオーバーを題材に ~ ランチのおともにDNS https://www.nic.ad.jp/sc-2021/program/sc-2021-day2-0.pdf

1.3. orphaned

DNS/lame_delegationの危うさに改めて気付いた

The Hacker Blog

https://thehackerblog.com/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean/index.html

December 05, 2016

1.4. Vulnerability

The Managed DNS Vulnerability

The root of this vulnerability occurs when a managed DNS provider allows someone to add a domain to their account without any verification of ownership of the domain name itself.

This is actually an incredibly common flow (flaw?) and is used in cloud services such as AWS, Google Cloud, Rackspace and of course, Digital Ocean. The issue occurs when a domain name is used with one of these cloud services and the zone is later deleted without also changing the domain’s nameservers.

サービス利用を取りやめたにもかかわらず、ドメイン名のサーバ(登録)を変更し忘れていると危ない。w (他人がそのサーバにゾーンを作成する可能性がある。怖い状況になる。)

This means that the domain is still fully set up for use in the cloud service but has no account with a zone file to control it.

In many cloud providers this means that anyone can create a DNS zone for that domain and take full control over the domain.

This allows an attacker to take full control over the domain to set up a website, issue SSL/TLS certificates, host email, etc.

Worse yet, after combining the results from the various providers affected by this problem over 120,000 domains were vulnerable (likely many more).

MoinQ: DNS/ManagedDNS (last edited 2023-01-18 00:33:07 by ToshinoriMaeno)