spacer
spacer spacer  Log in | Join now --> spacer
Search /
Docfinder:
Advanced search  |  Help  |  Site map
spacer
spacer
RESEARCH CENTERS
spacer
Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile
SITE RESOURCES
spacer
Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings
spacer
spacer
spacer
TODAY'S NEWS
spacer
Sprint LTE coming to NY, LA, Chicago 'in the coming months'
Anonymous hacker claims responsibility for GoDaddy.com outage
RIP Bill Moggridge, Design Father of the Laptop
IT spending to grow in 2012 despite economic woes, says IDC
Intel tying server chips to fabric for cloud computing, HPC
Riverbed debuts amped-up Whitewater storage gateway, upgraded software
SDN bandwagon rolls ahead
Harry Potter's Emma Watson most dangerous celebrity to search for on Web
Gamification of the enterprise
Watch out Amazon, Apple: Toys R Us jumps into tablet market
CDW CEO: On growing services, cloud applications and reshaping IT
Low-cost RADIUS servers for Wi-Fi security
VMware officially joins OpenStack
HP security smorgasbord upgrades include management software, IPS and printer access
More breaking news
/

Taking the wrong root?

Internet veteran's DNS test raises hackles.

spacer
spacer
spacer spacer

spacer
spacer
spacer spacer

By Sandra Gittlen
Network World, 2/4/98

One man's test is another's attempted hijack.

spacer Last weekend, Jon Postel, who is responsible for assigning numerical IP addresses and Internet domain names such as .com, .org and .net, attempted to wrest control of some of the root servers that act as the Internet's global IP directories.

Although he was successful, had the test gone awry, it could have brought much of the Internet down. Some in the Internet community also expressed concern over the ease with which one person was able to take control of a key part of the Internet, even if only temporarily.

The root servers normally synchronize their IP information with Root Server A, the master root server owned by the government and run by Network Solutions, Inc. (NSI), in Herndon, Va. These slave root servers are located around the world and receive updates about domain names and IP addresses from the master server.

If the root servers malfunction, users might not be able to access Internet sites because the root servers cannot match the URLs to numerical IP addresses.

Postel is head of the Internet Assigned Numbers Authority (IANA), an organization that establishes IP addresses and oversees Internet domains. This past weekend, he set up a server at IANA to answer domain name queries and handle updates from many of the 12 root servers that normally get their information from Root Server A.

In a written statement, Postel said he wanted to see how easily management of the root servers could be passed to another machine when the government gives up its control of the domain system. A government "green paper" last month recommended handing the system over to an unformed nonprofit group. IANA would be folded into this group under the plan.

Postel had asked NSI for permission to conduct the test last month. However, NSI had said that in accordance with its government contract it had to get official clearance.

But Postel went ahead even without that clearance, said Dave Holtzman, senior vice president of engineering at NSI. Postel last week sent a letter to the operators of the 12 root servers asking them to reconfigure their machines to point to them at an IANA server, instead of Root Server A. This included configuring them to download updated domain files from IANA rather than from the master machine. All but the four root servers operated by the government complied with the request from Postel, long accepted as the leader of the domain community.

"As a verification that such a transfer can be accomplished smoothly and without interruption to the operational service, a test is being performed to rearrange the flow of root zone information," Postel wrote in his request to the operators.

But NSI had no idea what was going on until Akira Kato, who runs a root server in Japan, sent e-mail asking why his machine was out of sync with Root Server A. Postel had told him the test would not result in any noticeable difference between the records on his and the master server.

Becky Burr, a senior official with the Department of Commerce, said the government knew nothing of the test beforehand. "The timing is unfortunate," she said, referring to the release of the controversial domain plan.

Although no Internet users were affected by the test, some 'Net caretakers close to the situation blasted Postel for what they said was really a protest against the government's domain proposal. Some are concerned about the ease with which Postel was able to take control, even if only temporarily.

"Postel [conducted the test] entirely without authority and only stopped with strong comments from the U.S. government," said Karl Denninger, who runs MCSNet, a Chicago-based Internet service provider. "He ought to be investigated and if it is found to be illegal, he should be convicted and sent to jail."

Sources said government officials demanded Postel stop the test and hand back control to Root Server A as soon as they learned what he was doing.

"Had it gone wrong, it could have thrown the whole Internet off," said Richard Sexton, a Domain Name System (DNS) consultant and technologist in Ontario. "The government allowed him to save face by saying it was a test."

Denninger said Postel's test was not necessary because it involved a change in just one line in the servers' configuration files; something that is commonly done.

"There was no technical demonstration here," he said. "Trying to paint this as proof of concept is fraud. There was no reason to believe it would not work."

But Burr said nothing had been harmed and Postel "assured the government that everything would be returned to normal." She attributed Postel's actions to the fact that he is "used to having latitude." Under the new system, he no longer can act independently. However, many 'Net insiders agree, it is unclear who has authority during this transition period.

Adding insult to injury

It is no secret that Postel was unhappy with the government's recommendations about the DNS, sources close to the situation said.

In a statement from IANA, Postel said, "I am in agreement with the main theme of the proposal... I am less comfortable with the details of the proposal on how new generic top-level domains, registrars and registries would be established, and the restriction to only five new gTLDs."

The government's plan flies in the face of a plan that Postel had put forth with the Internet Society to create a Geneva-based cooperative called the Council of Registrars (CORE), 88 companies that would register under seven new gTLDs using a centralized database. Postel told these companies that he had the power to add these new gTLDs for them.

However, the government panned this idea and instead recommended that NSI keep control of the .com, .org and .net domains and that five gTLDs be created, but only one could be administered by CORE.

Once bitten

For some in the 'Net community, Postel's actions brought to mind Eugene Kashpureff, who is facing federal charges of computer and wire fraud for last year hijacking NSI's InterNIC Web site where users register their domain names.

Kashpureff redirected traffic to his AlterNIC Web site.


spacer spacer spacer
NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
spacer
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
spacer
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
Related searches:
postel internet server domain network
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.