[Gllug] Verisign 'site finder' problem
t.clarke
tim at seacon.co.uk
Fri Sep 19 15:54:55 UTC 2003
Hi
I have read various posts concerning the Verisign 'site finding' stunt
and have also noted that the BIND consortium have produced a patch of some
description to deal with it.
However, I cannot figure out how this BIND patch works and therefore whether or
not is worth applying.
As I understand it, if you do a lookup on a non-existent machine which is part
of a domain that does not exist at all, eg www.qwertasdbv.com, the versign
top-level nameserver will return directly the IP address of its 'site finder'
machine, instead of corectly returning 'no domain'.
If that is the case, and they are using different machines for different TLD's
that they manage, it must surely be necessary to keep track of all those
'site finder' machines IP addresses so as to disregard any replies which
contain them ?
Or am I completely misunderstanding the problem ??
Tim
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list