Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: [spam] Re: Verisign abusing .COM/.NET monopoly, BIND releases new

From: "Exibar" <exibar () thelair com>
Date: Sat, 20 Sep 2003 23:22:16 -0400
I'm actually surprised that they DON'T have X10 ads or some other ads up
there already!  Hell, if you're going to do it, really fucking do it!

   I have no idea how many hits sitefinder is getting, but it must be quite
a few, hundreds of thousands a day maybe?  We are talking the ENTIRE 'net
here after all...  If you owned a business, how much would you pay for your
add to be seen tens of millions of times a week?

 Exibar

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Craig Pratt
Sent: Wednesday, September 17, 2003 2:08 AM
To: Joshua Levitsky
Cc: full-disclosure () lists netsys com
Subject: [spam] Re: [Full-disclosure] Verisign abusing .COM/.NET
monopoly, BIND releases new


Wow. This is amazing - and quite sad.

If you don't appreciate what this means, open your web browser, and
enter an URL by running your hand across the keyboard, and add ".com"
or ".net" at the end.

e.g. http://fbbgqqweffewq.com

Expecting a "server not found" message? Guess again:

   We didn't find: "fbbgqqweffewq.com"
   There is no Web site at this address.

   Search the Web: ____________________

   Search Popular Categories:

      Travel  Entertainment  Gambling  Shopping  Gifts  ...

   Copyright© 2003 VeriSign, Inc. All Rights Reserved

There are lots of DNS implications for this, not to mention wasted
network bandwidth and caching proxy server. Perhaps people can start
billing VeriSign for these wasted resources?

Next thing you know, they'll be selling banner ads up there for casinos
and X10 equipment.

Craig

On Tuesday, Sep 16, 2003, at 21:50 US/Pacific, Joshua Levitsky wrote:


On Sep 17, 2003, at 12:42 AM, Joshua Levitsky wrote:


On Sep 16, 2003, at 11:16 PM, Thor Larholm wrote:


Mail administrators
who use any non-existant DNSBL to mark email as spam suddenly has all
their mails deleted,


Actually I figured out how to use it to my advantage. I query "."
which is my own DNS server of course as a ip4r blacklist and if the
IP for verisign's site is returned then I give the spam a very high
score. Any domain that doesn't exist would fail this, but any other
domain would not return that IP, but rather the proper IP.  I'm still
pissed at Verisign, but I always try to turn a problem in to an
opportunity so now I'm using their greed to block spam.



Just to clarify my own post. I meant a right hand side test so it is
checking the address that the sender is claiming is theirs rather than
how you typically check the host that is handing the mail to you.
(It's late and I clicked send too quick.)

-Josh

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



--
This message checked for dangerous content by MailScanner on StrongBox.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: