Date: Tue, 16 Sep 2003 17:12:41 -0400 From: Michael Edenfield <kutulu@kutulu.org> To: Dan Langille <dan@langille.org> Cc: Clifton Royston <cliftonr@lava.net> Subject: Re: Any workarounds for Verisign .com/.net highjacking? Message-ID: <20030916211241.GA83385@wombat.localnet> In-Reply-To: <3F673E27.29338.6E87ACC@localhost> References: <20030916102356.A11571@lava.net> <3F673E27.29338.6E87ACC@localhost>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] * Dan Langille <dan@langille.org> [030916 16:46]: > On 16 Sep 2003 at 10:23, Clifton Royston wrote: > > > In the meantime I'm trying to figure out if there's some simple hack > > to disregard these wildcard A records, short of requesting zone > > transfers of the root nameservers (e.g. via peering with > > f.root-servers.net) and purging those records out of the zone before > > loading it. Any ideas, either under djbdns or Bind 9? > > Sorry, only for bind8, as was posted to my local LUG list: > > http://achurch.org/bind-verisign-patch.html And from NANOG, here are workarounds for Bind9 and djbdns. http://www.imperialviolet.org/dnsfix.html [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/Z3zJCczNhKRsh48RAkoeAJ9ARAyjQPw68Rwe+i8pCgaSKA1kOACgsrFK khK5Qwpj1b3IuHXgFsHFFns= =zg18 -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030916211241.GA83385>