[IP] Evil VeriSign, patch included
Date: Wed, 17 Sep 2003 15:58:01 +0200
From: "Remco B. Brink" <remco@xxxxxxx>
Subject: Evil VeriSign, patch included
To: dave@xxxxxxxxxx
Hello Dave,
this might be of interest for IP.
VeriSign's controversial "typo-squatting" Site Finder service is about to be
bypassed [1] by an emergency software patch to many of the Internet's backbone
computers.
The Internet Software Consortium, a nonprofit that publishes BIND, the software
that runs many of the Net's domain name servers, has just released an emergency
patch [2] to block VeriSign's new Site Finder service.
After patching Bind, the magic named.conf incantation to counter the VeriSign
braindamage is as easy as:
zone "com" { type delegation-only; };
zone "net" { type delegation-only; };
Jason Garman wrote a nice little rant explaining why this typo-squatting is
so totally evil [3].
Another thing to consider is that ISPs mail queues will get much larger as mail
delivery failures etc will now queue for retry rather than being failed as a
permanent error.
That makes you just really pray the next spamming worm is going to be a long
time away...
regards,
Remco
[1] http://www.wired.com/news/technology/0,1282,60473,00.html
[2] http://www.isc.org/products/BIND/delegation-only.html
[3] http://www.haque.net/verisign_dns_rant.php
--
Remco B. Brink -- IS Developer / CDTT -- Opera Software ASA
Personal site at http://rc6.org - PGP key at http://rc6.org/rbb.pgp
"We eat bandwith for breakfast."
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/