Date: Tue, 16 Sep 2003 16:58:06 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: Clifton Royston <cliftonr@lava.net>, freebsd-hackers@freebsd.org Subject: Re: Any workarounds for Verisign .com/.net highjacking? Message-ID: <p0521060ebb8d285d36eb@[128.113.24.47]> In-Reply-To: <20030916102356.A11571@lava.net> References: <20030916102356.A11571@lava.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:23 AM -1000 9/16/03, Clifton Royston wrote: > In the meantime I'm trying to figure out if there's some >simple hack to disregard these wildcard A records, short of >requesting zone transfers of the root nameservers (e.g. via >peering with f.root-servers.net) and purging those records >out of the zone before loading it. > >Any ideas, either under djbdns or Bind 9? The story at http://daily.daemonnews.org/view_story.php3?story_id=4068 notes that there is a patch for dnscache at: http://tinydns.org/djbdns-1.05-ignoreip.patch someone also posted a likely update for bind 9 to slashdot: http://slashdot.org/comments.pl?sid=78637&cid=6973033 (also available in a uuencoded version at: http://slashdot.org/comments.pl?sid=78637&cid=6972991 ) I have no idea of how well either of these work. Use your own discretion at applying them. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0521060ebb8d285d36eb>