Verisign Resolving NXDOMAIN

Eric Pancer epancer at
Wed Sep 17 20:38:04 GMT 2003

Has anyone pursued the thought avenue that Verisign's idea to
resolve non-existent domain queries to their own hosts is a
violation of student privacy?

Over a drinkable lunch, I came to the conclusion that simple
analysis of traffic statistics and queries to their name servers may
provide Verisign with much information of our user community, and
internal network.

I'm just interested to see what other folks have come up with and
what technique's you're starting to look at (if any) to deal with
this issue.


Eric Pancer     Computer Security Response Team     DePaul University               epancer at 
pgp: 1024D/7ACBCFF3 C022 4991 41E5 51E7 683C F765 62F7 7F8E 7ACB CFF3

More information about the unisog mailing list