Any workarounds for Verisign .com/.net highjacking?
Clifton Royston
cliftonr at tikitechnologies.com
Tue Sep 16 17:21:01 PDT 2003
On Tue, Sep 16, 2003 at 05:55:58PM -0600, M. Warner Losh wrote:
> I think we should put a filter for this nonsense into the base
> system. Hack the resolve to filter out the adddress, and hack bind to
> filter it out too. that way we can leverage our position in the name
> servers in the world to do something about this BS.
IMHO the correct behavior would be to discard any wildcard RR at any
TLD zone.
I found most of the discussion seems to be going on on NANOG.
(Apparently they're not the first, BTW; some CC TLDs have been doing it
for a while, as have some of the new TLDs like .museum. It's just that
it was a noise-level problem until it affected .com and .net)
The ISC has announced it expects to have a patch by Wednesday.
That's better than I'd hoped. Thanks for all the feedback I've got,
BTW.
<http://apnews.excite.com/article/20030916/D7TJOF3G0.html>
-- Clifton
--
Clifton Royston -- cliftonr at tikitechnologies.com
Tiki Technologies Lead Programmer/Software Architect
Did you ever fly a kite in bed? Did you ever walk with ten cats on your head?
Did you ever milk this kind of cow? Well we can do it. We know how.
If you never did, you should. These things are fun, and fun is good.
-- Dr. Seuss
More information about the freebsd-hackers
mailing list