Educause Security Discussion mailing list archives
Re: Verisign's SiteFinder
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Fri, 26 Sep 2003 14:34:50 -0500
Some more references to this. There is a change that can be made to DNS to deal with this, which our DNS folks implemented a few weeks ago, but I can't find the technical details on that now... M. -- The media angle http://www.theregister.co.uk/content/6/32852.html The IAB commentary - this is the most detailed coverage of it's effect. http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html The ICANN advisory http://www.icann.org/announcements/advisory-19sep03.htm M. -- Mark S. Bruhn, CISSP, CISM Chief IT Security and Policy Officer Associate Director, Center for Applied Cybersecurity Research (http://cacr.iu.edu) Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu -----Original Message----- From: Omar Herrera [mailto:omar_herrera () BANXICO ORG MX] Sent: Friday, September 26, 2003 2:23 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Verisign's SiteFinder Verisign seems to be doing something "weird" with this service. There are many discussions around this everywhere, here is a sample of what seems to be going on: http://www.techweb.com/wire/story/TWB20030926S0003 I have not reviewed all the information with detail but it seems that Verisign is being accused of doing some sort of traffic hijacking. Omar Herrera, CISSP Instituto Tecnológico y de Estudios Superiores de Monterrey, Mexico City Campus Information security topic and laboratory
-----Mensaje original----- De: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] En nombre de Matthew Dalton Enviado el: Viernes, 26 de Septiembre de 2003 01:01 PM Para: SECURITY () LISTSERV EDUCAUSE EDU Asunto: [SECURITY] Verisign's SiteFinder Has anyone else out there notices an increase in bad traffic filling
up
their queues since the SiteFinder "service" went into affect? If so,
what
are other people doing about it from a technological standpoint and/or awareness standpoint? If you want to reply to me off-list, I will be happy to summarize to both lists the results. Thanks. --
************************************************************************ **
|Matthew Dalton |Phone: (585)273-1721
|
|ITS Security Group |Email:
Matthew.Dalton () rochester edu |
|University of Rochester |
|
|Rochester, NY 14620 |
|
************************************************************************ **
********** Participation and subscription information for this EDUCAUSE
Discussion
Group discussion list can be found at http://www.educause.edu/cg/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Verisign's SiteFinder Matthew Dalton (Sep 26)
- <Possible follow-ups>
- Re: Verisign's SiteFinder Omar Herrera (Sep 26)
- Re: Verisign's SiteFinder Bruhn, Mark S. (Sep 26)
- Re: Verisign's SiteFinder Scott Weeks (Sep 26)
- Re: Verisign's SiteFinder Scott Weeks (Sep 26)