Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new
From: Michael Renzmann (security_at_dylanic.de)
Date: 09/17/03
- Previous message: Ferris, Robin: "RE: [Full-Disclosure] whoch DCOM exploit code are they speaking a bout here?"
- In reply to: Brian Hatch: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Next in thread: Christopher Kruslicky: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Reply: Christopher Kruslicky: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Brian Hatch <full-disclosure@ifokr.org> Date: Wed, 17 Sep 2003 09:13:52 +0200
Hi Brian.
Brian Hatch wrote:
> Is it always returning the same IP address,
Yeah, seams like that. For example, the (I think) non-existant
dulladulladulla.net resolves to 64.94.110.11, as well as
bollabollabolla.net or verisignsucks.net. So blocking any DNS reply
containing this IP could be a way to prevent that Verisign "commercial
break".
Did anyone else notice that the host behind this IP seems to be down? No
ping reply, no answer to http-requests. No, wait: port 25 seems to be
open (so there is a machine behind that IP). But no http, so no (more)
commercial from that host.
Bye, Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Ferris, Robin: "RE: [Full-Disclosure] whoch DCOM exploit code are they speaking a bout here?"
- In reply to: Brian Hatch: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Next in thread: Christopher Kruslicky: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Reply: Christopher Kruslicky: "Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
