A NXDOMAIN is Non-Existent Domain. It is a term used for the Internet domain name that is unable to be resolved using the DNS servers or domain name not yet registered. NXDOMAIN can also take place due to the network or DNS server problem.
If domain name does not exists the resolving name server should return NXDOMAIN status. For example, ninjaaamango.com does not exists, so any query sent to my ISP resolving name server should return NXDOMAIN. The following example should work on UNIX / Linux and Mac OS X command line option:
Host ninjaaamango.com not found: 3(NXDOMAIN)
DNS hijacking and NXDOMAIN
DNS hijacking is the practice of hijacking the resolution of DNS names to IP addresses by the use of rogue DNS servers, particularly for the practice of phishing, or the practice of some ISPs resolving otherwise non-existent domains to the ISPs own servers. Many ISPs have implemented NXDomain redirection services that hijack DNS traffic to show you sponsored links (advertisements) and other related ads when you mistype a domain name. However NXDOMAIN based service causes many problems such as:
- Incompatible with most VPN software.
- Incompatible with most e-mail server that uses dns based anti-spam blakclists.
- Prevent the computer from resolving internal hostnames.
- Security problems such as Phishing and Pharming.