Full Disclosure mailing list archives
Re: Verisign abusing .COM/.NET monopoly, BIND releases new
From: Craig Pratt <craig () strong-box net>
Date: Tue, 16 Sep 2003 23:08:02 -0700
Wow. This is amazing - and quite sad.If you don't appreciate what this means, open your web browser, and enter an URL by running your hand across the keyboard, and add ".com" or ".net" at the end.
e.g. http://fbbgqqweffewq.com Expecting a "server not found" message? Guess again: We didn't find: "fbbgqqweffewq.com" There is no Web site at this address. Search the Web: ____________________ Search Popular Categories: Travel Entertainment Gambling Shopping Gifts ... Copyright© 2003 VeriSign, Inc. All Rights ReservedThere are lots of DNS implications for this, not to mention wasted network bandwidth and caching proxy server. Perhaps people can start billing VeriSign for these wasted resources?
Next thing you know, they'll be selling banner ads up there for casinos and X10 equipment.
Craig On Tuesday, Sep 16, 2003, at 21:50 US/Pacific, Joshua Levitsky wrote:
On Sep 17, 2003, at 12:42 AM, Joshua Levitsky wrote:On Sep 16, 2003, at 11:16 PM, Thor Larholm wrote:Mail administrators who use any non-existant DNSBL to mark email as spam suddenly has all their mails deleted,Actually I figured out how to use it to my advantage. I query "." which is my own DNS server of course as a ip4r blacklist and if the IP for verisign's site is returned then I give the spam a very high score. Any domain that doesn't exist would fail this, but any other domain would not return that IP, but rather the proper IP. I'm still pissed at Verisign, but I always try to turn a problem in to an opportunity so now I'm using their greed to block spam.Just to clarify my own post. I meant a right hand side test so it is checking the address that the sender is claiming is theirs rather than how you typically check the host that is handing the mail to you. (It's late and I clicked send too quick.)-Josh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- This message checked for dangerous content by MailScanner on StrongBox. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Verisign abusing .COM/.NET monopoly, BIND releases new Thor Larholm (Sep 16)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Joshua Levitsky (Sep 16)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Joshua Levitsky (Sep 16)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Craig Pratt (Sep 20)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Jonathan A. Zdziarski (Sep 20)
- RE: [spam] Re: Verisign abusing .COM/.NET monopoly, BIND releases new Exibar (Sep 20)
- Re: [spam] Re: Verisign abusing .COM/.NET monopoly, BIND releases new Samurai (Sep 21)
- Re: [spam] Re: Verisign abusing .COM/.NET monopoly, BIND releases new Vincent (Sep 21)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Joshua Levitsky (Sep 16)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Joshua Levitsky (Sep 16)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Michael J McCafferty (Sep 17)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Kilian CAVALOTTI (Sep 17)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Jonathan A. Zdziarski (Sep 17)
- Re: Verisign abusing .COM/.NET monopoly, BIND releases new Michael Renzmann (Sep 17)