Support dangling ns records
Closed this issue · 4 comments
So that we can stop entire sub-domain takeovers
As a network administrator
I would like to be notified of ns records in a dns zone where I don't have a corresponding dns zone for the subdomain.
Describe the solution you'd like
I'd like a new resource type, ns-record, to be added to the list of entries detected as dangling.
Describe alternatives you have considered
Nope - for large dns deployments ns records are routinely used to simplify management.
Additional context
ns-records point to generic azure dns name-servers.
If I
- own mydomain.com and have Azure DNS managing it.
- create another Azure DNS record to manage sub.mydomain.com
- create an ns record set against mydomain.com pointing to the name servers controlling sub.mydomain.com (an Azure generic dns server such as "ns1-09.azure-dns.com")
- delete the sub-domain without deleting the ns record.
Someone else can now create a dns zone for sub.mydomain.com and has a chance of getting it on the same ns1-09.azure-dns.com Azure dns servers. When they do then they've effectively taken over an entire subdomain.
Happy to submit a pull request to detect this!
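The check described in the steps above, written out as an added example (this is not the project's code and not the contribution referred to in the thread). It takes the parent zone's NS record sets and the set of zones you actually own, and reports a delegation as dangling when it points at Azure DNS name servers but the child zone no longer exists. It goes one step further than the issue asks and also flags a child zone that does exist but was re-created on different Azure name servers than the delegation points to, since the stale name-server names are then just as exposed. The zone and record-set data, the `NsRecordSet`/`Finding` types and the Azure name-server suffix list are all constructed for this example.

```python
from dataclasses import dataclass

# Domains under which Azure DNS hands out its generic name servers.
# Constructed for this example; confirm against Azure documentation before relying on it.
AZURE_DNS_SUFFIXES = ("azure-dns.com", "azure-dns.net", "azure-dns.org", "azure-dns.info")


def norm(name: str) -> str:
    """Canonicalise a DNS name: lower-case, no trailing dot."""
    return name.rstrip(".").lower()


def is_azure_dns(ns: str) -> bool:
    """True if an NS target is one of Azure DNS's generic name servers (e.g. ns1-09.azure-dns.com)."""
    n = norm(ns)
    return any(n == s or n.endswith("." + s) for s in AZURE_DNS_SUFFIXES)


@dataclass(frozen=True)
class NsRecordSet:
    zone: str          # parent zone the record set lives in, e.g. "mydomain.com"
    name: str          # relative record set name, "@" for the zone apex
    nameservers: tuple  # NS targets as returned by the DNS provider

    @property
    def fqdn(self) -> str:
        return norm(self.zone) if self.name == "@" else norm(f"{self.name}.{self.zone}")


@dataclass(frozen=True)
class Finding:
    fqdn: str          # the delegated subdomain
    reason: str        # "zone-missing" or "nameserver-mismatch"
    nameservers: tuple  # the name servers the stale delegation points at


def find_dangling_ns(record_sets, owned_zones):
    """Report NS delegations to Azure DNS whose child zone is gone or lives on other name servers.

    owned_zones maps every zone you own (across all your subscriptions) to the
    name servers Azure assigned to it.  Delegations to non-Azure name servers are
    skipped: this check only covers the Azure DNS re-creation scenario.
    """
    owned = {norm(z): frozenset(norm(n) for n in ns) for z, ns in owned_zones.items()}
    findings = []
    for rs in record_sets:
        if rs.name == "@":
            continue  # apex NS records name the zone's own servers, they are not a delegation
        if not any(is_azure_dns(n) for n in rs.nameservers):
            continue  # external delegation, out of scope here
        delegated = frozenset(norm(n) for n in rs.nameservers)
        child = owned.get(rs.fqdn)
        if child is None:
            findings.append(Finding(rs.fqdn, "zone-missing", rs.nameservers))
        elif not delegated <= child:
            # child zone exists but Azure assigned it different name servers;
            # the ones in the delegation can still be handed to someone else
            findings.append(Finding(rs.fqdn, "nameserver-mismatch", rs.nameservers))
    return findings


def azure_ns(n: int) -> tuple:
    """Constructed helper: the four-server set Azure DNS would assign, e.g. azure_ns(9) -> ns1-09..."""
    return tuple(f"ns{i}-{n:02d}.{s}." for i, s in enumerate(AZURE_DNS_SUFFIXES, start=1))


# Constructed sample inventory: zones this tenant owns and their assigned name servers.
SAMPLE_ZONES = {
    "mydomain.com": azure_ns(1),
    "api.mydomain.com": azure_ns(5),
    "legacy.mydomain.com": azure_ns(7),   # re-created after deletion, landed on the -07 servers
}

# Constructed sample NS record sets from the parent zone mydomain.com.
SAMPLE_RECORD_SETS = [
    NsRecordSet("mydomain.com", "@", azure_ns(1)),                          # apex, ignored
    NsRecordSet("mydomain.com", "api", azure_ns(5)),                        # healthy delegation
    NsRecordSet("mydomain.com", "sub", azure_ns(9)),                        # child zone deleted
    NsRecordSet("mydomain.com", "legacy", azure_ns(9)),                     # still points at the old servers
    NsRecordSet("mydomain.com", "partner", ("ns1.partnerdns.example.",)),   # external, skipped
]


if __name__ == "__main__":
    for f in find_dangling_ns(SAMPLE_RECORD_SETS, SAMPLE_ZONES):
        print(f"{f.fqdn}: {f.reason} -> {', '.join(f.nameservers)}")
```

To run it against real data, build `owned_zones` from the zone list of every subscription you control (for example the output of `az network dns zone list`) and `record_sets` from the NS record sets of each parent zone (for example `az network dns record-set ns list`); those commands are named here as an assumption about the tooling, not something the issue specifies. A zone that legitimately lives in a subscription you did not inventory will show up as `zone-missing`, so the zone list has to be complete before treating a finding as a takeover risk.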
Sure @graemefoster would be happy to integrate your pull request.
Can I contribute to the above issue?
Sure, you are welcome
Contribution merged. Closing.