[CLUE-Tech] How to Thwart Verisign's Latest DNS Trickery
Jed S. Baer
thag at frii.com
Wed Sep 17 17:16:13 MDT 2003
On Mon, 15 Sep 2003 21:22:06 -0600
"Jed S. Baer" <thag at frii.com> wrote:
> <quote>
> As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep
> 2003 as I write this), VeriSign added a wildcard A record to the .COM
> and..NET TLD DNS zones. The IP address returned is 64.94.110.11, which
> reverses to sitefinder.verisign.com. What that means in plain English is
> that most mis-typed domain names that would formerly have resulted in a
> helpful error message now results in a VeriSign advertising opportunity.
> For example, if my domain name was 'somecompany.com,' and somebody typed
> 'soemcompany.com' by mistake, they would get VeriSign's advertising.
> </quote>
Patch for BIND is out:
http://www.isc.org/products/BIND/delegation-only.html
jed
--
... it is poor civic hygiene to install technologies that could someday
facilitate a police state. -- Bruce Schneier
More information about the clue-tech
mailing list