[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1063809989.3164.14.camel@tantor.nuclearelephant.com>
Date: Wed, 17 Sep 2003 10:46:29 -0400
From: "Jonathan A. Zdziarski" <jonathan@...learelephant.com>
To: Thor Larholm <thor@...x.com>
Cc: Brian Hatch <full-disclosure@...kr.org>, list@...ield.org,
bugtraq@...urityfocus.com, NTBugtraq <NTBUGTRAQ@...TSERV.NTBUGTRAQ.COM>,
full-disclosure@...ts.netsys.com
Subject: RE: Verisign abusing .COM/.NET monopoly, BIND
releases new
> For now, it is returning the same IP address, but I have no trouble
> imagining Verisign evading DNS filters by changing the A records every
> now and then. Any solution to prevent Verisigns greed should keep this
> in mind.
>From what I understand, BIND's approach is much more sophisticated than
a hardcoded (or configured) IP address. AFAIK, it looks up the wildcard
TLD ip addresses and uses that to filter...so if the address should
change, it will automatically change BIND's filter settings.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists