Question

Domain Pointing / Stealing Via DNS On DigitalOcean Side

  • Posted September 16, 2014

I am just a bit confused as to how DNS works in terms of when it is assigned to DigitalOcean’s nameservers.

My domain from Namecheap is pointed at NS1/2/3.DIGITALOCEAN.COM. and I added the domain under DNS in DO to point to the droplet IP. My question is, wouldn’t someone else using DO be able to do the same thing and assign a domain in their own DNS panel and point the record to their own droplet IP?

AKA: how does DO know what domain should point to what account’s DNS?

Regards.

Subscribe
Share

The domain record has an ip address and a domain name. Can this happen if someone destroys a droplet but doesn’t delete the domain record for that droplet? Can that ip address be assigned to someone else creating a droplet?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

I know this is a very old question but I just had someone steal my DNS/IP and point their domain name to my IP hosted on DO, did you find out what steps DO took? or you took? I have already send DMCA notice to Google and to the Registrar with which the domain was booked and I am waiting on DO’s support to respond.

You should google how a domain name is resolved or how DNS works.

Process of a DNS request from my knowledge

  1. client send a request to a name server
  2. name server search it’s cache for answer (ip) if it have cache return the result to the client > query ended successfully if not, it will query the root name server, and the root will return the authoritative name servers which you specified for your domain to answer the query. After getting an answer from the authoritative name server, the name server cache the result for later query and return the result to the client > query ended successfully.

The TTL field of a dns record is to tell other name server how long it can keep the cache before requerying.

Anyone can setup a name server for any domain, but only the authoritative name servers is responsible for all unanswered dns query.

How does DO know what domain should point to what account's DNS?

The answer is DO don’t know what domain should point to what account’s DNS? Only the authoritative name servers you set at your registrar matters.