[PLUG] Verisign hijacks DNS
Terry Griffin
griffint at pobox.com
Mon Sep 15 23:01:13 UTC 2003
On Monday 15 September 2003 10:37 pm, AthlonRob wrote:
> On Mon, 2003-09-15 at 20:56, Carla Schroder wrote:
> > Doubtless you've heard of this by now. (see Slashdot)
>
> I hadn't.. just checked.. and ... wow.
>
> $ dig alsdkfjasldkfjaldksfjalsdkfj.com
>
> ; <<>> DiG 9.2.2 <<>> alsdkfjasldkfjaldksfjalsdkfj.com
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25413
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;alsdkfjasldkfjaldksfjalsdkfj.com. IN A
>
> ;; AUTHORITY SECTION:
> com. 10800 IN SOA a.gtld-servers.net.
> nstld.verisign-grs.com. 2003091501 1800 900 604800 86400
>
> ;; Query time: 502 msec
> ;; SERVER: 12.111.179.222#53(12.111.179.222)
> ;; WHEN: Mon Sep 15 22:34:07 2003
> ;; MSG SIZE rcvd: 123
>
> Oh My God.
>
> How can they do this?
>
> Ugh, I'm disgusted. I wonder if we could patch BIND to treat records
> that match that up there as non-existent.. ? If 95% of the DNS servers
> out there weren't recognizing it, it would be as if they hadn't done
> it...
>
> Rob
>
Dirty rats.
Send your comments to comments at icann.org.
Terry
More information about the PLUG
mailing list