Verisign adds wildcard to root servers
Discussion
Hi All,
Just wondering if anyone else caught this
http://slashdot.org/article.pl?sid=03/09/16/0034210&mode=thread&tid=126&tid=95&tid=98&tid=99
Verisign has added a wildcard to its .com and .net root servers which resolves non registered .com and .net domain names to its own search page. E.g if your were to mis-spell pistonheads as pistolheads and type www.pistolheads.com - instead of getting the nice 404 error (or msn search if you enable it) – you get the Verisign page.
Concerns are that Verisign will try to use this as a way to get people register those misspelled domains with them, also it may affect the way a number of spam blockers work and search engines will have to be careful about following page links that no longer exist (where the domain has since lapsed).
Not sure if it affects any one here – but reading the thread on slashdot it seems there’s a lot of un-happy people there.
Cheers
Paul
Just wondering if anyone else caught this
http://slashdot.org/article.pl?sid=03/09/16/0034210&mode=thread&tid=126&tid=95&tid=98&tid=99
Verisign has added a wildcard to its .com and .net root servers which resolves non registered .com and .net domain names to its own search page. E.g if your were to mis-spell pistonheads as pistolheads and type www.pistolheads.com - instead of getting the nice 404 error (or msn search if you enable it) – you get the Verisign page.
Concerns are that Verisign will try to use this as a way to get people register those misspelled domains with them, also it may affect the way a number of spam blockers work and search engines will have to be careful about following page links that no longer exist (where the domain has since lapsed).
Not sure if it affects any one here – but reading the thread on slashdot it seems there’s a lot of un-happy people there.
Cheers
Paul
patches are already out for alot of nameservers, with a bind one out already 
Basically redirecting all traffic destined for the Verisign 'wildcard' ip to a lovely NXDOMAIN record again
www.imperialviolet.org/dnsfix.html
Basically redirecting all traffic destined for the Verisign 'wildcard' ip to a lovely NXDOMAIN record again
www.imperialviolet.org/dnsfix.html
Fun though. I'm seriously thinking about changing my email system.
Currently it does a DNS lookeup on all mails it gets. If it can't find the source, it dumps the mail into trash as spam (very easy to spoof a mail address).
This no longer works. So instead, if it comes from Verisign, I'm going to forward it to their CEO......
Currently it does a DNS lookeup on all mails it gets. If it can't find the source, it dumps the mail into trash as spam (very easy to spoof a mail address).
This no longer works. So instead, if it comes from Verisign, I'm going to forward it to their CEO......
As suggested in The Register, and an excellent idea.
There's a patch to BIND to ignore Verislimes crap already, though.
And Verislimes web server is completely overloaded. I expect there's a DoS attack running against it already, and it's likely hideously overloaded. I doubt they realised the number of invalid DNS lookups made every day. Or minute.
There's a patch to BIND to ignore Verislimes crap already, though.
And Verislimes web server is completely overloaded. I expect there's a DoS attack running against it already, and it's likely hideously overloaded. I doubt they realised the number of invalid DNS lookups made every day. Or minute.
Thats disgusting... so, not only do the supposed "most trusted name on the internet" transfer sex.com from its rightful owner to a fraudster, it also compromised Microsoft's root cert and now they want to redirect all traffic to them.....
Verislime - thats not the half of it. The sooner this kind of crap gets stamped out the better! Bunch of arses who want to fleece the rest of the world for every penny it has.....
And precisely how did they manage to retain their marketshare? This this bunch of loosers at the top of the tree, there is no hope for anyone else....
And they say they want to help stamp out spam? Could they be the biggest culprit?
Thank god for a BIND fix already. Open source does have its advantages after all!!
Verislime - thats not the half of it. The sooner this kind of crap gets stamped out the better! Bunch of arses who want to fleece the rest of the world for every penny it has.....
And precisely how did they manage to retain their marketshare? This this bunch of loosers at the top of the tree, there is no hope for anyone else....
And they say they want to help stamp out spam? Could they be the biggest culprit?
Thank god for a BIND fix already. Open source does have its advantages after all!!
Looks like someone might have heard us....
www.smh.com.au/articles/2003/09/18/1063625123998.html
VeriSign hints at backdown over redirection of error pages
By Sam Varghese
September 18, 2003
VeriSign has said it would make "appropriate adjustments" to the changes
it made to domain name service zones that result in most mistyped .com
and .net domain names being redirected to its own site.
[...]
www.smh.com.au/articles/2003/09/18/1063625123998.html
VeriSign hints at backdown over redirection of error pages
By Sam Varghese
September 18, 2003
VeriSign has said it would make "appropriate adjustments" to the changes
it made to domain name service zones that result in most mistyped .com
and .net domain names being redirected to its own site.
[...]
Maybe not.... seems they want the "service" to stay http://zdnet.com.com/2100-1104_2-5078657.html?tag=zdnnfd.main 
But, in a wonderful twist, seems they are being sued by a domain sqautting outfit...
http://reuters.com/newsArticle.jhtml?type=internetNews&storyID=3471297
You couldn't make this up
But, in a wonderful twist, seems they are being sued by a domain sqautting outfit...
http://reuters.com/newsArticle.jhtml?type=internetNews&storyID=3471297
You couldn't make this up
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff