What *are* they smoking?

• Previous message (by thread): What *are* they smoking?
• Next message (by thread): What *are* they smoking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

And then Verisign starts using multiple IP addresses and rotating through
them. And then they stop giving any other clues that it is a wildcard
record. Great. Just what we need... To be in an escalating war with the
people running the root nameservers.

Since it is clearly in Verisign's business interest to make it impossible
for you to tell when you've been handed one of the wildcard replies, I don't
see this stopping any time soon.

Matthew Kaufman
matthew at eeph.com

> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On 
> Behalf Of Tomas Lund
> Sent: Monday, September 15, 2003 6:14 PM
> To: Chris Adams
> Cc: nanog at merit.edu
> Subject: Re: What *are* they smoking?
> 
> 
> 
> On Mon, 15 Sep 2003, Chris Adams wrote:
> 
> > It appears that the most reliable way to detect a wildcard response 
> > for 'somedomain.tld' is to query for '*.tld'; if the results match, 
> > then 'somedomain.tld' doesn't really exist.
> 
> Just make up a number of fake domains and resolve them. If 
> they return the same answer, thats the answer to change back 
> into NXDOMAIN.
> 
> //tlund
> 

• Previous message (by thread): What *are* they smoking?
• Next message (by thread): What *are* they smoking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]