[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new

To: "D. Ian Miller" <miller@xxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
From: jamie rishaw <jamie@xxxxxxxx>
Date: Wed, 17 Sep 2003 23:16:01 -0500

The wildcard record still appears in com.zone (stamped 17:37 Eastern):

ZZZ.GRAVITYBALL A 210.188.229.11
* A 64.94.110.11
VRSN-END-OF-ZONE-MARKER-DUMMY-RECORD.COM. IN TXT "plenus"
;File end: -14589
;End of file: 2003091701

On Wed, Sep 17, 2003 at 04:44:18PM -0600, D. Ian Miller wrote:
> FYI ... looks like Verisign has pulled the wildcard A record as we have 
> not patched but invalid domain searches no longer go to verisign ... 
> sitefinder-idn.verisign.com is no longer responding to queries ... maybe 
> someone got the message ... wonder how they will explain this one ...
> 
> Jose Nazario wrote:
> 
> >a number of options exist to help you remedy this issue:
> >
> >     - bind 9.2.3rc2 supports "delegation-only", stopping some
> >       wildcard implementations from making any difference
> >
> >if you simply want to stop traffic getting there (they are running a
> >website and a partially functional MTA on that IP):
> >
> >     - you can BGP null route this
> >       http://www.merit.edu/mail.archives/nanog/msg13715.html
> >
> >     - cisco's NBAR functionality may be used to detect and block those
> >       reply packets from coming in by looking for the response from
> >       the nameservers.
> >http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e2/nbar2e.htm
> >
> >note that this wont stop the query from reaching verisign, it will just
> >stop you from going to that IP. however, for some enforcing network
> >privacy concerns, that may be worthwhile.
> >
> >hope this helps,
> >
> >___________________________
> >jose nazario, ph.d.                  jose@xxxxxxxxxx
> >                                     http://monkey.org/~jose/
> >
> > 
> >
> 
> -- 
> =======================================
> D. Ian Miller                      }8-)
> Systems Analyst
> Information Technologies
> University of Calgary
> W: 403.220.8643
> M: 403.605.9856
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
i.am-> jamie.(at).arpa.dot.com
arpa.com :: the mainstream runs shallow

jesus loves you... but satan has candy.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new
  - From: Thor Larholm
- [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
  - From: Jose Nazario
- [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
  - From: D. Ian Miller

Prev by Date: RE: [Full-Disclosure] How to block flash advertisement
Next by Date: Re: [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
Previous by thread: Re: [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
Next by thread: RE: [Full-Disclosure] Re: Verisign abusing .COM/.NET monopoly, BIND releases new
Index(es):
- Date
- Thread