Date: Tue, 16 Sep 2003 18:04:17 -0600 (MDT) From: "M. Warner Losh" <imp@bsdimp.com> To: jdp@polstra.com Cc: dan@langille.org Subject: Re: Any workarounds for Verisign .com/.net highjacking? Message-ID: <20030916.180417.44250294.imp@bsdimp.com> In-Reply-To: <XFMail.20030916170025.jdp@polstra.com> References: <20030916.175558.10083602.imp@bsdimp.com> <XFMail.20030916170025.jdp@polstra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <XFMail.20030916170025.jdp@polstra.com>
John Polstra <jdp@polstra.com> writes:
: On 16-Sep-2003 M. Warner Losh wrote:
: > I think we should put a filter for this nonsense into the base
: > system. Hack the resolve to filter out the adddress, and hack bind to
: > filter it out too. that way we can leverage our position in the name
: > servers in the world to do something about this BS.
:
: I think so too, in principle. But we need something better than a
: hard-coded IP address. It would take Verisign about an hour to figure
: out they need to change the address frequently. (Well, OK, a day ...
: it's Verisign, after all.)
Agreed. but it wouldn't be too hard to determine at boot/hourly doing
a bogus query to find the address of the moment. Even they would be
hard pressed to change things more than hourly.
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030916.180417.44250294.imp>