Date: Tue, 16 Sep 2003 17:25:48 -0700
From: Seth Kingsley <sethk@meowfishies.com>
To: "M. Warner Losh" <imp@bsdimp.com>
Subject: Re: Any workarounds for Verisign .com/.net highjacking?
Message-ID: <20030917002548.GA34420@mail.meowfishies.com>
Resent-Message-ID: <20030917002738.37762.qmail@magnesium.net>
In-Reply-To: <20030916.180417.44250294.imp@bsdimp.com>
References: <20030916.175558.10083602.imp@bsdimp.com> <XFMail.20030916170025.jdp@polstra.com> <20030916.180417.44250294.imp@bsdimp.com>

[-- Attachment #1 --]
On Tue, Sep 16, 2003 at 06:04:17PM -0600, M. Warner Losh wrote:
> Agreed. but it wouldn't be too hard to determine at boot/hourly doing
> a bogus query to find the address of the moment.  Even they would be
> hard pressed to change things more than hourly.

In the document VeriSign distributes on the *.com spam portal, titled
Site Finder Developer's Guide (an entertaining read):

    http://sitefinder.verisign.com/pdf/sitefinderdevguide.pdf

they describe the procedure for applications to determine if a match is
the result of an actual domain record or the wildcard. This consists of
comparing the returned address to the record for *.com. If the resolver
could cache this value, it would be easy to keep up with VeriSign's
current canonical spam host:

    % host -t a \*.com
    *.com has address 64.94.110.11

-- 
|| Seth Kingsley || sethk@meowfishies.com ||
|| http://www.meowfishies.com/ | Meow ^_^ ||

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE/Z6oMD1AymFxBOwgRAma7AJ4my5Hl67Pd1WcILXC/FBBbu0uViACfawJC
keJRLPoMqbcnlaV9ogve654=
=7/WA
-----END PGP SIGNATURE-----
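
The check described in the message above, as an added example that is not part of the original e-mail or of any FreeBSD resolver code: a wrapper that caches the `*.com` A record, refreshes it hourly, and reports wildcard-only answers as "no such domain". The class and function names, the injected `resolve_a` callable, and the constructed zone data (all addresses except 64.94.110.11) are assumptions made for the illustration.

```python
import time

class WildcardFilter:
    """Treat answers that only match the TLD wildcard record as 'no such domain'."""

    def __init__(self, resolve_a, refresh_seconds=3600, clock=time.monotonic):
        self.resolve_a = resolve_a        # assumed callable: name -> list of IPv4 strings
        self.refresh_seconds = refresh_seconds
        self.clock = clock
        self._cache = {}                  # tld -> (fetched_at, frozenset of addresses)

    def wildcard_addrs(self, tld):
        """Cached A records for '*.<tld>', re-queried once the entry is stale."""
        now = self.clock()
        hit = self._cache.get(tld)
        if hit is None or now - hit[0] >= self.refresh_seconds:
            hit = (now, frozenset(self.resolve_a("*." + tld)))
            self._cache[tld] = hit
        return hit[1]

    def lookup(self, name):
        """Return the addresses for name, or [] when only the wildcard answered."""
        name = name.rstrip(".").lower()
        answers = list(self.resolve_a(name))
        wildcard = self.wildcard_addrs(name.rsplit(".", 1)[-1])
        if answers and wildcard and set(answers) <= wildcard:
            return []
        return answers


def make_fake_resolver(wildcard_ip):
    """Constructed stand-in for DNS: one registered name, everything else wildcarded."""
    state = {"wildcard": wildcard_ip, "wildcard_queries": 0}
    registered = {"freebsd-example.com": ["192.0.2.10"]}   # constructed record

    def resolve_a(name):
        if name == "*.com":
            state["wildcard_queries"] += 1
            return [state["wildcard"]]
        if name.endswith(".com"):
            return registered.get(name, [state["wildcard"]])
        return []
    return resolve_a, state
```

Until the cached entry expires, a changed wildcard address passes through as if it were a real record, so the refresh interval bounds how long a change can go unnoticed.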
