| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Sep 2003 18:19:32 -0400 (EDT) From: Damaged Industries <damaged@...aged.no-ip.com> To: bugtraq@...urityfocus.com Subject: Re: Verisign abusing .COM/.NET monopoly, BIND releases new On Wed, 17 Sep 2003, SR wrote: > > This is simply amazing, Verisign has just turned the .COM and .NET TLD > > DNS servers up-side-down for their own economical gain and, in doing so, > > disrupted network traffic for most of the Internet. Mail administrators > > who use any non-existant DNSBL to mark email as spam suddenly has all > > their mails deleted, people using localhost.localdomain.com on their > > servers for administrative purposes are scrambling to find out the cause > > of their problems and DNS problems arise everywhere as neg caching is > > essentially disabled and all DNS caches have to cache each and every > > randomly typed DNS query. > > > > The BIND patch that prevents this should be released Wednesday. > > djbdns already has a patch (make that two patches). > > They are available from djbdns.org > Several patches have been out: Bind9 patch: http://www.isc.org/products/BIND/delegation-only.html Bind8 patch: http://achurch.org/bind-verisign-patch.html Djbdns patch: http://tinydns.org/djbdns-1.05-ignoreip.patch PowerDNS patch: http://www.imperialviolet.org/binary/powerdns.patch Userfriendly :) http://ars.userfriendly.org/cartoons/?id=20030917&mode=classic ---- -- damaged
Powered by blists - more mailing lists