Is Digital Ocean safe against DNS hacks?
These three questions may be naive and stemming from my cursory understanding of DNS.
Let’s say I register mydomain.com at a third party registrar and I point it to the Digital Ocean name servers.
Someone finds out about the domain name and the fact that it’s directed to Digital Ocean name servers. Before I had a chance to create an A record pointing to my droplet’s IP address, this person maliciously creates an A record pointing to his own Digital Ocean VPS. It is an unlikely scenario, but I am crazy to say that it would be possible for someone to hijack another person’s brand new domain name this way?
Second question is this. Let’s say I have an existing site running on my droplet. A malicious Digital Ocean customer sets up a duplicate A record pointing to his own IP address. What would happen in this scenario? Do A records work as first-come-first serve?
Third question is this. A Digital Ocean customer sets up an A record for mydomain.com but forgets to setup CNAME for www.mydomain.com. A malicious user sets up the CNAME pointing to his own IP address. what happens in this case?