DNS lookup rules ?

Greetings All,

I have a question that relates to DNS rules and security. I have posted this on Stack Overflow but am not confident of any answers, as I have not participated there before.

Let us say Person A owns the site https://www.example.com

A different person, Person B, not associated with A, attempts to register https://sub.example.com
with the local registry. Will the registry allow this ? Or is there an implicit understanding that these domain names are linked, and can’t be obtained by third parties ?

The reason I ask is that my university https://www.sydney.edu.au
supposedly sent me a link in an email, authored by notifications@instructure.com, which directs me to

This looks bad to me. But maybe dns rules only allow sydney.edu.au to have the associated domain of canvas.sydney.edu.au

Otherwise, if any person (e.g. a Bad Person) can register https://badsite.sydney.edu.au and dns lets it go through … then there is just one more hole in the dns world that is waiting to be exploited.

Regards, Tony B.

No, you register a domain under a TLD, in your example domain is example and TLD is .com

Then what you call subdomain is a host or service name, and only can be “registered” or resolved by the DNS(s) that runs the domain (example.com), so sub.example.com is not registered, only configured under the example.com DNS server(s).

Thank you Jose. Much appreciated. My concern that https://canvas.sydney.edu.au might be a badsite is without foundation.

Regards, Tony Barry

You’re welcome.

There are attacks vs DNS/Bind, etc… but that “subdomain” must be configured by sidney.edu.au admin (if dns not hijacked).

Also, i se this Isis a redirection to another machine, and is https, even the certificate does not verify the issuer is sidney.edu.au, you can verify you are in one of that domain’s machine.

Also, if you ping sydney.edu.au you get IP
If you ping sts.sydney.edu.au (where canvas. redirects) you get

If you do a whois to any of there you can see them belongs to “University of Sydney - network administrator”



% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to ‘ -’

% Abuse contact for ‘ -’ is ‘abuse@sydney.edu.au’

inetnum: -
netname: UNISYD-AU
descr: University of Sydney
country: AU
admin-c: UOSN1-AP
tech-c: UOSN1-AP
remarks: This object was transferred from ARIN database
remarks: on 11 December 2002
mnt-by: APNIC-HM
last-modified: 2012-09-07T01:02:42Z
source: APNIC

address: Building G17, 316 Abercrombie Street,
address: Darlington, NSW 2006
address: AU
phone: +61286277898
e-mail: krishnan.rajendran@sydney.edu.au
abuse-mailbox: abuse@sydney.edu.au
admin-c: UOSN1-AP
tech-c: UOSN1-AP
auth: # Filtered
irt-nfy: krishnan.rajendran@sydney.edu.au
last-modified: 2014-04-30T04:14:26Z
source: APNIC

role: University of Sydney - network administrator
address: Building G17, 316 Abercrombie Street,
address: Darlington, NSW 2006
country: AU
phone: +61286277898
fax-no: +61286277899
e-mail: krishnan.rajendran@sydney.edu.au
admin-c: UOSN1-AP
tech-c: UOSN1-AP
nic-hdl: UOSN1-AP
last-modified: 2012-09-06T01:40:10Z
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-46 (WHOIS-UK3)[/code]

Tony, see this line in the Whois response?

% Abuse contact for ' -' is 'abuse@sydney.edu.au'

You could email them and ask about it. Also, I would expect that the domain is controlled by the university IT department. You could probably ask them about canvas.sydney.edu.au and bring up your concerns. If they don’t know about the registration, I’m sure they’ll go find out!

Canvas is a pretty common learning management system (LMS) used by a lot of schools (here in the US at least). Both of my kids have used it in high school and now into college.

Instructure.com seems to be the people who make the software https://www.instructure.com/about :slight_smile:

A very big thank you to all who replied. My knowledge increases …

Tony B