[Dshield] spam - dns - Verisign
Jon R. Kibler
Jon.Kibler at aset.com
Tue Sep 16 16:06:40 GMT 2003
Shawn Berg wrote:
> What is the purpose of Verisign doing this? Do they want to hi-jack all web
> traffic for unregistered domains so it goes to a page on their site where
> you can register? Sounds like they are up to something a little sneaky. I
> don't see much reason to resolve domain names that haven't been registered
> or that are expired, on hold, etc. Anyone else?
According to Verisign's documentation, this is a new "service" that: "Before this service was implemented, when a user entered a URL containing a nonexistent (e.g. unregistered) domain name ending in .com or .net, his or her web browser returned an error message that contained no useful information. With the rollout of Site Finder, in the same situation users now receive a helpful web page offering links to possible intended destinations and allowing an Internet search."
They also, admit that they are monitoring this activity, and their statements lead me to the conclusion that they are collecting data for some marketing purpose.
A temporary work-around to this problem: Block all traffic to/from IP 126.96.36.199. This will prevent accessing the Verisign web page and sending mail to their mail server.
What is REALLY needed is for ISC to implement a patch to BIND that returns NXDOMAIN whenever a wildcard A record response is returned.
Also, complaining to ICANN wouldn't hurt -- don't know if it would help much, but "the squeaky wheel gets the grease."
Jon R. Kibler
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the list