Adobe.com returns incorrect NS records


#1

Hi,

We are seeing reproducible behaviour in Australia with the wrong NS records being returned for Adobe.com. DNS should be handled by Akamai according to Whois. Queries result in an nxdomain. Would paste a dig, but because I’m a new user I can’t.

Apparently this is not the same in other regions.

Andrew


#2

You can still paste the dig text into your message if it’s still not letting you upload an image.


#3

dig ns adobe.com @1.1.1.1

; <<>> DiG 9.10.3-P4-Ubuntu <<>> ns adobe.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8200
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1536
;; QUESTION SECTION:
;adobe.com. IN NS

;; ANSWER SECTION:
adobe.com. 1742 IN NS ns-451.awsdns-56.com.
adobe.com. 1742 IN NS ns-917.awsdns-50.net.
adobe.com. 1742 IN NS ns-1296.awsdns-34.org.
adobe.com. 1742 IN NS ns-1569.awsdns-04.co.uk.


#4

That’s odd… There really is an adobe.com zone on those nameservers.

(Route 53 doesn’t validate users really control a zone.)

Maybe Adobe was running an experiment?

Or there was a cache poisoning attack…?


#5

Yep - it wouldn’t let me paste it because the nameservers looked like links, and you are limited to no more than two links per post when you are new! An admin has approved the dig through at some stage following this, because I had pasted in a reply :slight_smile:


#6

As of around lunch time, Sydney time, Cloudflare was returning the correct records again.