Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > publications : papers : 2020 : forgotten_side_dns
The Forgotten Side of DNS: Orphan and Abandoned Records
R. Sommese, M. Jonker, R. van Rijswijk-Deij, A. Dainotti, k. claffy, and A. Sperotto, "The Forgotten Side of DNS: Orphan and Abandoned Records", in Workshop on Traffic Measurements for Cybersecurity, Jun 2020.
|   View full paper:    PDF    |  Citation:    BibTeX   |

The Forgotten Side of DNS: Orphan and Abandoned Records

Raffaele Sommese2
Mattijs Jonker2
Roland van Rijswijk-Deij2
Alberto Dainotti1
kc claffy1
Anna Sperotto2
1

CAIDA, San Diego Supercomputer Center, University of California San Diego

2

Design and Analysis of Communication Systems (DACS)

DNS zone administration is a complex task involving manual work and several entities and can therefore result in misconfigurations. Orphan records are one of these misconfigurations, in which a glue record for a delegation that does not exist anymore is forgotten in the zone file. Orphan records are a security hazard to third-party domains that have these records in their delegation, as an attacker may easily hijack such domains by registering the domain associated with the orphan. The goal of this paper is to quantify this misconfiguration, extending previous work by Kalafut et al., by identifying a new type of glue record misconfiguration – which we refer to as abandoned records – and by performing a broader characterization. Our results highlight how the situation has changed, not always for the better, compared to a decade-old study.

Keywords: dns, topology
  Last Modified: Tue Jul-28-2020 14:29:56 UTC
  Page URL: https://www.caida.org/publications/papers/2020/forgotten_side_dns/index.xml