NAMESERVER07: To check whether authoritative name servers return an upward referral
Test case identifier
NAMESERVER07 To check whether authoritative name servers return an upward referral
Objective
The configuration and/or implementation of some authoritative name servers causes them to return an upward referral to the root zone. There are proofs that such a behaviour could be used for DDoS attacks
Inputs
The domain name to be tested.
Ordered description of steps to be taken to execute the test case
- If the input domain to be tested is the root, exit from the test.
- Retrieve all address records for all the name servers using Method 4 and Method 5.
- An NS query is sent to each name server IP address found in step 2, with the root “.” as the destination
- If any of the query returns with one or more responses in the authority section, then this test case fails.
Outcome(s)
The test case is Ok only if there are no responses in the authority section
Special procedural requirements
None.
Intercase dependencies
None.