1. DNS/lame_delegation/apnic
https://blog.apnic.net/2021/03/16/the-prevalence-persistence-perils-of-lame-nameservers/
The prevalence, persistence, and perils of lame delegations
By Gautam Akiwate
Lame delegations can introduce both performance and security risks.
The explanation of the hijacking risk is insufficient. -- ToshinoriMaeno 2021-09-08 04:58:49
Why do lame delegations matter?
- Under security risk, it mentions only expired domains.
Types of lame delegations
1. The nameserver is unreachable or unavailable.
2. The nameserver may be misconfigured or not authoritative for the domain.
3. The nameserver has no valid resolution path.
Identifying lame delegations using passive analysis
Findings and takeaways
.BIZ anomaly
In our passive analysis, we found nearly 50% of nameservers in .BIZ across eight years were lame delegated.
Zombie sinkholed domains: Conficker Working Group saga
Contemporaneous lame delegations
Finally, lame delegations can also represent a potential security risk.
In some cases, the lame delegations occur as a result of expired nameserver domains, allowing attackers to take control of the domain resolution by re-registering this expired nameserver domain.
That is not all. Even domains that are in use can be hijacked. -- ToshinoriMaeno 2021-06-19 00:20:10
In conclusion, our study found that lame delegations are prevalent, and in some cases created due to registrar operational practices.
More importantly, we saw that lame delegations can persist for a long time if they have functional alternative nameservice.
As such, the redundancy in DNS nameservice that helps domain availability can potentially hide broken delegations from domain owners.
Finally, at times, lame delegations can become potential security risks, which can put the domain at peril.
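An added example, not code from the APNIC article or from this wiki page: it sorts per-nameserver probe results into the three lame-delegation types listed above and flags domains that still resolve while part of their delegation is broken, the case the conclusion says stays hidden from owners. The `Probe` fields, the verdict names and the mapping of each type to response code, AA flag and address lookup are assumptions made for the example.

```python
from dataclasses import dataclass
from enum import Enum

class Status(Enum):
    OK = "authoritative"
    UNREACHABLE = "type 1: unreachable or unavailable"
    NOT_AUTHORITATIVE = "type 2: misconfigured or not authoritative"
    NO_RESOLUTION_PATH = "type 3: no valid resolution path"

@dataclass(frozen=True)
class Probe:                 # one SOA query for `domain` sent to `nameserver`
    domain: str
    nameserver: str
    addresses: tuple         # addresses the nameserver name resolved to
    answered: bool = False   # any DNS response came back
    rcode: str = ""          # response code, e.g. NOERROR, REFUSED, SERVFAIL
    aa: bool = False         # Authoritative Answer flag in the response

def classify(p):
    if not p.addresses:
        return Status.NO_RESOLUTION_PATH
    if not p.answered:
        return Status.UNREACHABLE
    if p.rcode != "NOERROR" or not p.aa:
        return Status.NOT_AUTHORITATIVE
    return Status.OK

def audit(probes):
    """Return {domain: (verdict, {lame nameserver: Status})}."""
    per_domain = {}
    for p in probes:
        per_domain.setdefault(p.domain, {})[p.nameserver] = classify(p)
    report = {}
    for domain, results in per_domain.items():
        lame = {ns: s for ns, s in results.items() if s is not Status.OK}
        if not lame:
            verdict = "healthy"
        elif len(lame) == len(results):
            verdict = "fully lame"
        else:  # a working nameserver masks the broken ones from the owner
            verdict = "partly lame"
        report[domain] = (verdict, lame)
    return report

# Constructed sample data (reserved example names, 192.0.2.0/24 addresses).
PROBES = [
    Probe("example.com", "ns1.example.net", ("192.0.2.1",), True, "NOERROR", True),
    Probe("example.com", "ns2.lapsed-host.example", ()),
    Probe("example.org", "ns1.example.net", ("192.0.2.1",), True, "REFUSED"),
    Probe("example.org", "ns3.example.net", ("192.0.2.3",)),
]
```

A "partly lame" verdict whose lame nameserver is type 3 is the one to review first: the domain keeps working, so nothing prompts the owner to notice that a listed nameserver name no longer resolves.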
Find bugs in your DNS zone files before deployment https://blog.apnic.net/2020/10/29/find-bugs-in-your-dns-zone-files-before-deployment/