[juneau-lug] Re: Verisign DNS goofiness
- From: Kevin Miller <Kevin_Miller@xxxxxxxxxxxxxxx>
- To: "'juneau-lug@xxxxxxxxxxxxx'" <juneau-lug@xxxxxxxxxxxxx>
- Date: Fri, 19 Sep 2003 07:03:15 -0800
While it might make one feel better, they are tracking who connects. If it
looked like a DoS, they've indicated they'll go after people. In the
MailScanner list someone suggested that mailservers be configured to bounce
any mail to them that resolves to their address. Port 25 is open on that
machine, but not responsive.
Wouldn't it be great if it was actually a giant honeypot project to collect
spammer source addresses in disguise? But that would be too good to be
true...
...Kevin
-------------------
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Administrator, Mail
Administrator
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
>-----Original Message-----
>From: Nels Tomlinson [mailto:nelstomlinson@xxxxxxx]
>Sent: Thursday, September 18, 2003 6:18 PM
>To: juneau-lug@xxxxxxxxxxxxx
>Subject: [juneau-lug] Re: Verisign DNS goofiness
>
>
>Is there anything wrong with the idea of sending them requests for
>randomstringhere.com every second or so, just to show them how much we
>appreciate their efforts? Wouldn't want them to feel that
>their nifty
>new service wasn't being used.
>
>I bet that if everyone who could copy a bash script was doing that,
>they'd get a nice warm feeling, as their servers overheated.
>Or would
>it just waste our bandwidth and fill caches between them and
>us with crap?
>
>If it works, it would probably be wortwhile to make a little script
>which would get a few dozen bytes from /dev/null, add .com
>onto the end
>and run hosts on the result.
>
>Nels
>
>James Zuelow wrote:
>
>>I'm sure most of you have seen this on the web and/or AKLUG
>list, but it
>>is still fun to play with.
>>
>>Verisign decided that if you mis-type a domain name, you
>should end up at
>>the Verisign web page. So they've configured their DNS
>servers to list
>>their search page for domains that don't exist. You can test
>this with
>>the host command:
>>
>>host werasdsdvdadarewqw34d.com
>>host asdfaeasefdavad.com
>>host randomstringhere.com
>>
>>all return the same IP address.
>>
>>The problem is that there is no such thing as a non-existent domain
>>anymore, so anti-spam filters that check for a valid DNS address won't
>>work anymore, since EVERY domain will check out. Spammers can
>just make
>>domains up out of the air, and must be absolutely loving it.
>>
>>Cheers,
>>
>>James
>>
>>
>>------------------------------------
>>This is the Juneau-LUG mailing list.
>>To unsubscribe, send an e-mail to
>juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in
>the subject header.
>>
>>
>>
>
>
>------------------------------------
>This is the Juneau-LUG mailing list.
>To unsubscribe, send an e-mail to
>juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in
>the subject header.
>
------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the
word unsubscribe in the subject header.
Other related posts:
