nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: What *are* they smoking?

From: "Matthew Kaufman" <matthew () eeph com>
Date: Tue, 16 Sep 2003 08:32:29 -0700

And then Verisign starts using multiple IP addresses and rotating through
them. And then they stop giving any other clues that it is a wildcard
record. Great. Just what we need... To be in an escalating war with the
people running the root nameservers.

Since it is clearly in Verisign's business interest to make it impossible
for you to tell when you've been handed one of the wildcard replies, I don't
see this stopping any time soon.

Matthew Kaufman
matthew () eeph com


-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On 
Behalf Of Tomas Lund
Sent: Monday, September 15, 2003 6:14 PM
To: Chris Adams
Cc: nanog () merit edu
Subject: Re: What *are* they smoking?



On Mon, 15 Sep 2003, Chris Adams wrote:


It appears that the most reliable way to detect a wildcard response 
for 'somedomain.tld' is to query for '*.tld'; if the results match, 
then 'somedomain.tld' doesn't really exist.


Just make up a number of fake domains and resolve them. If 
they return the same answer, thats the answer to change back 
into NXDOMAIN.

//tlund
Previous By Date Next
Previous By Thread Next

Current thread: