lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <8B32EDC90D8F4E4AB40918883281874D9BD1@pivxwin2k1.secnet.pivx.com>
Date: Tue, 16 Sep 2003 20:16:09 -0700
From: "Thor Larholm" <thor@...x.com>
To: "Thor Larholm" <thor@...x.com>
Cc: <list@...ield.org>, <bugtraq@...urityfocus.com>,
   "NTBugtraq" <NTBUGTRAQ@...TSERV.NTBUGTRAQ.COM>,
   <full-disclosure@...ts.netsys.com>
Subject: Verisign abusing .COM/.NET monopoly, BIND releases new


This is simply amazing, Verisign has just turned the .COM and .NET TLD
DNS servers up-side-down for their own economical gain and, in doing so,
disrupted network traffic for most of the Internet. Mail administrators
who use any non-existant DNSBL to mark email as spam suddenly has all
their mails deleted, people using localhost.localdomain.com on their
servers for administrative purposes are scrambling to find out the cause
of their problems and DNS problems arise everywhere as neg caching is
essentially disabled and all DNS caches have to cache each and every
randomly typed DNS query.

The BIND patch that prevents this should be released Wednesday.


http://slashdot.org/article.pl?sid=03/09/16/0034210&mode=thread&tid=126&
tid=95&tid=98&tid=99

<quote>
DragonHawk writes "As of a little while ago (it is around 7:45 PM US
Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A
record to the .COM and .NET TLD DNS zones. The IP address returned is
64.94.110.11, which reverses to sitefinder.verisign.com. What that means
in plain English is that most mis-typed domain names that would formerly
have resulted in a helpful error message now results in a VeriSign
advertising opportunity. For example, if my domain name was
'somecompany.com,' and somebody typed 'soemcompany.com' by mistake, they
would get VeriSign's advertising." Read on below for some more
information. 
</quote>

http://apnews.excite.com/article/20030916/D7TJOF3G0.html

<quote>
The Internet Software Consortium, the nonprofit organization that
develops BIND software for Internet domain name directories, is writing
an "urgent patch" for Internet service providers and others who want to
block customers from a new Site Finder service from VeriSign Inc.

Though VeriSign gets unspecified revenues from search engine partners
whose technology powers Site Finder, company officials described the
service as primarily a navigation tool to help lost Internet users.

Earlier this year, a suburban Washington company called Paxfire Inc.
tested a similar service for ".biz" and ".us" names, but the U.S.
government and a private oversight board asked Paxfire to suspend it
after a few weeks pending a review, Paxfire chairman Mark Lewyn said.
</quote>


Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher
http://www.pivx.com/larholm/unpatched - Unpatched IE vulnerabilities

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ