Re: Debian + Verisign's .com/.net hijack

To: debian-security@lists.debian.org
Subject: Re: Debian + Verisign's .com/.net hijack
From: Joey Hess <joeyh@debian.org>
Date: Wed, 17 Sep 2003 11:48:20 -0400
Message-id: <[🔎] 20030917154820.GC3993@kitenet.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.44.0309171359330.2717-100000@ch.its.tudelft.nl>
References: <[🔎] 20030917103246.GG25474@net-track.ch> <[🔎] Pine.LNX.4.44.0309171359330.2717-100000@ch.its.tudelft.nl>

Arthur de Jong wrote:
> This will only work for a little while as a colleague of mine noted. This
> will block
>   *   IN   A   64.94.110.11
> but not
>   *   IN   NS  64.94.110.11
> which is a valid delegation. The 64.94.110.11 nameserver should then only
> return 64.94.110.11 for all requests for A records.

Paul Vixie addressed just this possibility in
<20030917051345.2DC911396E@sa.vix.com> on the NANOG list. You can mark
such a name server as "bogus". Assuming that IP is routable at all; I have
not seen a packet from 64.94.110.11 in over 24 hours.

-- 
see shy jo

Attachment: pgpqKtQHgj9WW.pgp
Description: PGP signature

Reply to:

References:
- Re: Debian + Verisign's .com/.net hijack
  - From: Oliver Hitz <oliver@net-track.ch>
- Re: Debian + Verisign's .com/.net hijack
  - From: Arthur de Jong <arthur@tiefighter.et.tudelft.nl>

Prev by Date: Re: Verisign and Bind update
Next by Date: Re: [d-security] Re: ssh vulnerability in the wild
Previous by thread: Re: Debian + Verisign's .com/.net hijack
Next by thread: Re: Debian + Verisign's .com/.net hijack
Index(es):
- Date
- Thread