Flutterby™! : DNS sabotaged

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

DNS sabotaged

2003-09-16 16:19:34.315942+00 by Dan Lyke 8 comments

Okay, this goes beyond the pale. As reported on /., these weasely bastards have conspired to break the domain name system. As of right now:

$ host lksdasfas14598fcldzkjs.com
lksdasfas14598fcldzkjs.com has address 64.94.110.11

For you non-techies out there, there's a system that converts those names you use to "IP numbers", which are the 4 digit period separated addresses that the computers actually use to talk to each other. The weasely bastards have broken things so that when a name isn't found, rather than giving you a "not found" error message, they funnel you to their site where you can pay them money. Yet another reason that Verisign sucks. There are two possible fixes:

  1. ICANN might be able to do something, they can be told that people care via their complaint form.
  2. ISPs and software can start looking for 64.94.110.11 and interpreting it as "not found". This is not a good long-term solution.

[ related topics: moron Net Culture ]

comments in ascending chronological order (reverse):

#Comment Re: DNS sabotaged made: 2003-09-16 20:21:36.168278+00 by: meuon [edit history]

The ISP community is enraged.. solutions being implemented, include dynamically detecting and null-routing whatever verisign answers to such nonsense (currently 64.94.110.11) to redirecting such things to internal webservers. The fun part is that they are answering port 25 for these..causing hell with bounced mis-addressed mail and spam.

Which is why: Verisign Really Sucks.

note: some patches for DNS servers to stop this behaviour are showing up.

#Comment Re: DNS sabotaged made: 2003-09-16 20:53:12.921065+00 by: meuon [edit history]

And the "authorities" reccomend: http://www.iab.org/Documents/icann-vgrs-response.html

"To restore the data integrity and predictability of the DNS infrastructure, the IAB believes it would be best to return the .com and .net TLD servers to the behavior specified by the DNS protocols. VeriSign should, of course, be free to continue to distribute its plug-in in other ways, and we hope with them that the deployment of IDN-capable systems is as rapid as possible."

Soft words when the rest of the universe wants to know how to pull Verisign's ability to run gTLD nameservers.. and is lining up to do so.

#Comment Re: DNS sabotaged made: 2003-09-19 17:52:42.045368+00 by: radix

Lawsuit has now been filed for $100M. Read allaboutit: http://story.news.yahoo.com/ne...3&u=/nm/tech_verisign_lawsuit_dc

#Comment Re: DNS sabotaged made: 2003-09-19 20:10:52.543015+00 by: meuon

$100M is what they estimate it would make in a year... hence the amount. And I think they are just the first.. there will be more.

#Comment Re: DNS sabotaged made: 2003-10-03 15:01:11.384851+00 by: meuon

ICANN has finally made a firm demand:

http://www.icann.org/correspondence/twomey-to-lewis-03oct03.htm

With a bottom paragraph of:

Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations.

#Comment Re: DNS sabotaged made: 2003-10-06 09:55:22.473154+00 by: meuon

And this AM, it looks like sitefinder and the * wildcard is history, for now. Verisign is claiming it is the victim.

#Comment Re: DNS sabotaged made: 2003-10-06 10:00:33.298008+00 by: meuon

Reposted from NANOG list without permission, but I think the fact it's ASCII art is apropos: 




In a Washington Post article, it was reported that a "close-knit group of
 engineers" were angered by Verisign's SiteFinder service, claiming that
 it caused "e-mail systems, spam blocking technology and other
 applications to malfunction".  Verisign responded that these claims are
 overblown.



 In response, the close-knit group of engineers said,





                        _      WILDCARD THIS!     _
                       |_|                       |_|
                       | |         /^^^\         | |
                      _| |_      (| "o" |)      _| |_
                    _| | | | _    (_---_)    _ | | | |_
                   | | | | |' |    _| |_    | `| | | | |
                   |          |   /     \   |          |
                    \        /  / /(. .)\ \  \        /
                      \    /  / /  | . |  \ \  \    /
                        \  \/ /    ||Y||    \ \/  /
                         \__/      || ||      \__/
                                   () ()
                                   || ||
                                  ooO Ooo










#Comment Re: DNS sabotaged made: 2003-10-08 13:00:37.960001+00 by:


meuon






  [edit history] 


Harvard has an interesting spin on things: http://cyber.law.harvard.edu/tlds/sitefinder



Their point is that it was a flawed business model and
that the advertisers on sitefinder may have some responsibility.