Is this a DNS security hole?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
First of all,  I am not an expert in DNS... that's why I am here to ask for
help. don't laugh at me if I am wrong.

I have tested this with my domain, this seems like a security hole to me
...My domain is registered with

1. Go to, login to my account (say "", doesn't
2. Add a new DNS entry
3. They will ask for  HOST NAME and IP ADDRESS (they used to ask HOST name
only, not IP).
4. type host=""  (the host of the victim)
5. type ip = "" (the IP address I want to point to, I just make
it up)
6. submit
7. After 24 hours, all the world's DNS servers will resolve  as If you PING from any
server say  it gives you the

This is not good,   now ""  is tied to the IP address, it
doesn't even try to resolve it from "" 's DNS server.....  why is
this happening??   I have used
to verify my result..

If this is true, anyone can hijack other people's domain name using DNS and
point to his IP address? this is scary..


Re: Is this a DNS security hole?

Ivan Yonge wrote:
Quoted text here. Click to load it

It's called DNS poisoning. There are methods to prevent it, like DNSsec,
but not everybody uses them. Man-in-the-middle attacks like DNS
poisoning are the reason why financial transactions use certificates to
authenticate the end points.

-- Lassi

Site Timeline