Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new
From: Brian Hatch (full-disclosure_at_ifokr.org)
Date: 09/17/03
- Previous message: Brown, Rodrick: "RE: [Full-Disclosure] whoch DCOM exploit code are they speaking about here?"
- In reply to: Thor Larholm: "[Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Next in thread: Michael Renzmann: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Reply: Michael Renzmann: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Thor Larholm <thor@pivx.com> Date: Tue, 16 Sep 2003 22:28:18 -0700
> This is simply amazing, Verisign has just turned the .COM and .NET TLD
> DNS servers up-side-down for their own economical gain and, in doing so,
> disrupted network traffic for most of the Internet. Mail administrators
> who use any non-existant DNSBL to mark email as spam suddenly has all
> their mails deleted, people using localhost.localdomain.com on their
> servers for administrative purposes are scrambling to find out the cause
> of their problems and DNS problems arise everywhere as neg caching is
> essentially disabled and all DNS caches have to cache each and every
> randomly typed DNS query.
>
> The BIND patch that prevents this should be released Wednesday.
I hate to muck with a DNS server to fix this problem. And since
I prefer DJBDNS, a BIND patch wouldn't do me any good anyway.
Is it always returning the same IP address, or have any other
noticable characteristics? If so I'd think we could set up
a firewall rule to drop all DNS replies that contain the
Verisign-be-damned IP address. That'd protect everything,
regardless of name server or method of access (using
host/nslookup/etc manually.)
-- Brian Hatch "The universe is run by Systems and the complex interweaving Security Engineer of three elements: energy, http://www.ifokr.org/bri/ matter, and enlightened self-interest." Every message PGP signed
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
- Previous message: Brown, Rodrick: "RE: [Full-Disclosure] whoch DCOM exploit code are they speaking about here?"
- In reply to: Thor Larholm: "[Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Next in thread: Michael Renzmann: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Reply: Michael Renzmann: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
