Re: Verisign Automated SelfLART

To: debate@xxxxxxxxxxxxxx
Subject: Re: Verisign Automated SelfLART
From: Florian Weimer <fw@xxxxxxxxxxxxx>
Date: Fri, 19 Sep 2003 07:37:42 +0200
In-reply-to: <20030919053127.GA31795@xxxxxxxxxxxxxxxxxxxxxxxxx> (Kristian Koehntopp's message of "Fri, 19 Sep 2003 07:31:27 +0200")
List-help: <mailto:debate-help@lists.fitug.de>
List-id: <debate.lists.fitug.de>
List-post: <mailto:debate@lists.fitug.de>
List-subscribe: <mailto:debate-subscribe@lists.fitug.de>
List-unsubscribe: <mailto:debate-unsubscribe@lists.fitug.de>
Mail-followup-to: debate@xxxxxxxxxxxxxx
Mailing-list: contact debate-help@xxxxxxxxxxxxxx; run by ezmlm
References: <20030919053127.GA31795@xxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3 (gnu/linux)

Kristian Koehntopp <kris@xxxxxxxxxxxx> zitierte:

> I think that an interesting interaction involving:
>
> 1) Blaster worm DDoS attack against windows update.
> 2) The default action of Windows 2000 and XP computers
> to automatically append the domain name under "Network
> Identification" or the suffix search list to DNS lookups.
> 3) The number of non-existent domains that exist in the
> above settings.
> 4) The change that Verisign made so that all non-existent
> domains resolve to 64.94.110.11
>
> is the cause of the DDoS attack that Verisign is experiencing.

Nette Theorie, aber falsch. Es gab die ganze Zeit über einen NS-Record
für windowsupdate.com. Das unterdrückt die A-Record-Synthese für den
Wildcard, da sich Verisign zumindest hier an die Standards hält. (Ein
RR von anderem Typ reicht zur Unterdrückung aus, es muß nicht derselbe
sein.)

--
To unsubscribe, e-mail: debate-unsubscribe@xxxxxxxxxxxxxx
For additional commands, e-mail: debate-help@xxxxxxxxxxxxxx

Follow-Ups:
- Re: Verisign Automated SelfLART
  - From: Nils Ketelsen

References:
- Verisign Automated SelfLART
  - From: Kristian Koehntopp

Prev by Date: Verisign Automated SelfLART
Next by Date: Re: [FYI] Binäres XML - "Verlust an direkter Lesbarkeit für den menschlichen Konsumenten."
Previous by thread: Verisign Automated SelfLART
Next by thread: Re: Verisign Automated SelfLART
Index(es):
- Date
- Thread