
https://isc.sans.edu/diary.html?storyid=11770

The last comment:

Likely not a password hack. Simple and old trick. Almost criminal that it still exists anywhere.

These DNS providers were allowing users to create domains that were subdomains of other users' domains. Some name server software will serve records for these subdomains if they are on the same name server even if NS records don't exist in the parent domain that delegate the subdomain.

No decent DNS provider would or does allow this.
posted by DMM, Thu Oct 13 2011, 06:44 

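Any operator that runs its service in a way that lets other people create subdomains is hopeless.

A server that treats an undelegated "zone file" as if a delegation existed is also no good, but that can be covered by operational practice.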

-- ToshinoriMaeno 2012-07-10 05:16:49
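
One way to cover this operationally, as an added example (not from the original memo or the quoted comment): a provisioning check that refuses a new zone under another account's zone unless that parent zone holds NS records at the new name, plus an audit of zones already hosted. The zone names, accounts and the `ns_cuts` data layout are constructed assumptions, and the check is simplified to the nearest enclosing zone on the same server.

```python
# Added example: zone names, accounts and the data layout are constructed.
# zones maps a lower-case zone name to its owner and to the set of names
# at which that zone holds NS records (delegation points).
ZONES = {
    "example.com": {"owner": "alice", "ns_cuts": {"dev.example.com"}},
    "dev.example.com": {"owner": "bob", "ns_cuts": set()},      # delegated by alice
    "login.example.com": {"owner": "mallory", "ns_cuts": set()},  # never delegated
}

def norm(name):
    return name.lower().rstrip(".")

def ancestors(name):
    """Yield every proper ancestor of a domain name, nearest first."""
    labels = norm(name).split(".")
    for i in range(1, len(labels)):
        yield ".".join(labels[i:])

def nearest_enclosing_zone(zones, name):
    """Closest ancestor of name that is hosted on this server, or None."""
    return next((a for a in ancestors(name) if a in zones), None)

def may_create_zone(zones, account, new_zone):
    """Return (allowed, reason) for a zone-creation request."""
    new_zone = norm(new_zone)
    if new_zone in zones:
        return False, "zone is already hosted"
    parent = nearest_enclosing_zone(zones, new_zone)
    if parent is None:
        return True, "no enclosing zone on this server"
    if zones[parent]["owner"] == account:
        return True, "same account owns the parent zone"
    if new_zone in zones[parent]["ns_cuts"]:
        return True, "parent zone delegates this name"
    return False, f"{parent} belongs to another account and does not delegate {new_zone}"

def audit(zones):
    """Hosted zones sitting under another account's zone without a delegation."""
    findings = []
    for name, zone in zones.items():
        parent = nearest_enclosing_zone(zones, name)
        if (parent and zones[parent]["owner"] != zone["owner"]
                and name not in zones[parent]["ns_cuts"]):
            findings.append((name, parent))
    return sorted(findings)

if __name__ == "__main__":
    print(may_create_zone(ZONES, "mallory", "pay.example.com"))
    print(audit(ZONES))
```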