Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Resolving Everything: VeriSign Adds Wildcards

timothy posted more than 11 years ago | from the gotcha dept.

The Internet 1291

DragonHawk writes "As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was 'somecompany.com,' and somebody typed 'soemcompany.com' by mistake, they would get VeriSign's advertising." Read on below for some more information.

"(VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.)

This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time.

Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless.

VeriSign has published white papers about their implementation and also made some recommendations."

Sorry! There are no comments related to the filter you selected.

wonder of wonders (4, Interesting)

wherley (42799) | more than 11 years ago | (#6970369)

what are the chances - using the [verisign.com]
search page that comes up at the
verisign site to search for "register" we find at the top of the
list a link to networksolutions.com (a verisign company). we also
note that searching for the same word at google [google.com]
does not result in that site being present in at least the first four pages of results.

yeah - thats a real useful search tool verisign has there - thanks so much.

Re:wonder of wonders (1)

grolschie (610666) | more than 11 years ago | (#6970408)

yeah - thats a real useful search tool verisign has there - thanks so much.

My IE by default goes to a similar MSN type url search page. By now is overidden by the Verisign one. Neither are pages I would actually use. I would prefer an error message.

Re:wonder of wonders (4, Informative)

pbox (146337) | more than 11 years ago | (#6970441)

You at least have an option of turning off this "helpful" page in IE. No such feature from NSI.

Re:wonder of wonders (5, Informative)

StewedSquirrel (574170) | more than 11 years ago | (#6970556)

Sure you do, if you have a REAL router (or a DSL router even) you should be able to null-route that IP. Or actually, you might even be able to convince your ISP to do it with a short, friendly letter to the admin.

Stewey

Re:wonder of wonders (5, Funny)

Anonymous Coward | more than 11 years ago | (#6970453)

It is not that bad. At least if you enter "Verisign sucks big donkey balls", two of the three first results are from Slashdot.

Re:wonder of wonders (4, Interesting)

bobthemonkey13 (215219) | more than 11 years ago | (#6970476)

More fun with sitefinder.verisign.com [verisign.com]

Hmm, cross-site scripting. Seems harmless enough, but I wonder if VeriSign stores anything important in the verisign.com cookie...

It doesn't have to be wonderful... it's a monopoly (0)

Anonymous Coward | more than 11 years ago | (#6970506)

Leveraging their control of DNS, this is a very simple way to take over search capabilities from Google and the others.

And sponsored links for all.

joy (4, Insightful)

digitalsushi (137809) | more than 11 years ago | (#6970376)

this should make troubleshooting dns records as a netadmin much more fun with all those glorious false positives... guess that means i'll have to learn how to spell finally!

Me first sue.. (-1, Troll)

Shivaji Maharaj (692442) | more than 11 years ago | (#6970378)

Will this resolve to first post ?

YOU FAIL IT! (-1)

YOU FAIL IT! (624257) | more than 11 years ago | (#6970423)

Apparently not!

$ host shivaji.maharaj.slashdot.org
Host not found(FAILURE!)

YOU FAIL IT!

frsit psot! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6970381)

frsit psot!

Seeeing the future (1)

Unregistered (584479) | more than 11 years ago | (#6970382)

Did anyone else see this story about 15 mins ago and get an error saying the page is in the future when you tried to open it. When i refreshed it was gone.

An now to be OT:
How big a problem will this be as most people/companies register common mispellings along with the right domain and make the mispellings point to the right site?

Re:Seeeing the future (1)

Robotech_Master (14247) | more than 11 years ago | (#6970543)

Did it have a red title bar instead of a green one? If so, that means it somehow accidentally leaked out to you before it was supposed to, while it was in the "only paid subscribers are supposed to be able to see this" period. I've seen that happen with other stories a couple of times.

But... (2, Funny)

Anonymous Coward | more than 11 years ago | (#6970383)

according to this [slashdot.org] "soemcompany.com" isn't wrong.

Re:But... (1)

HanClinto (621615) | more than 11 years ago | (#6970424)

yuo maen tihs [slashdot.org] ? :)

Re:But... (1)

alehmann (50545) | more than 11 years ago | (#6970598)

you mean this [salhsodt.org] ?

This is a bitch (0, Redundant)

Mohammed Al-Sahaf (665285) | more than 11 years ago | (#6970384)

I've heard this breaks a lot of spam-catching tools which check if the mail was sent from an invalid domain, as all IPs in these invalid domains now resolve.

Re:This is a bitch (1)

josecanuc (91) | more than 11 years ago | (#6970429)

Those spam-catching tools work by doing a reverse-dns lookup of the IP address that is trying to send the mail. This is different than doing a "forward"-dns lookup.

This shouldn't have any effect on those spam-catching tools.

Re:This is a bitch (1)

josecanuc (91) | more than 11 years ago | (#6970457)

Oops. This will bother spam-catching tools who verify that a the reported "from" address domain exists.

I was thinking of those mail servers who reject mail from IP addresses which do not have a reverse-dns entry.

Sorry.

Re:This is a bitch (5, Informative)

SSpade (549608) | more than 11 years ago | (#6970499)

Those spam-catching tools work by doing a reverse-dns lookup of the IP address that is trying to send the mail. This is different than doing a "forward"-dns lookup.

Not so.

A common spam filtering method is to check the envelope sender to see if the domain exists. Any mail that is sent with a faked envelope sender to which bounces can't be sent is spam.

That means querying for either an MX record or A record for that domain, and bouncing all the spam that doesn't have either. Now, thanks to verisign, all spam sent with forged envelope senders in .com or .net wil go straight through this spam filter, increasing the amount of spam in many peoples mailboxes.

Yes, in theory you could look for the magic A record returned, but to do so is something of an operational nightmare, and impossible to do with most current MTAs.

Re:This is a bitch (1)

StewedSquirrel (574170) | more than 11 years ago | (#6970518)

Well, My mail server sends with my domain, but doing a REVERSE lookup on my "shared" server reveals a name owned by my ISP. This would result in 50% of the smaller domains's VALID email addys being blocked from those tools. I much prefer to think they will forward-lookup based on the domain in my "from" address and find that the IP does, in fact, match the server it was sent from.

So, yes, forward lookup is how those products work but, I don't think they'll break, because they look for a MATCH, not simply a "not invalid" response. As far as I'm aware anyway.

Stewey

Re:This is a bitch (4, Insightful)

pavon (30274) | more than 11 years ago | (#6970477)

I vote that we concider anything from 64.94.110.11 to be spam. That should take care of the problem for spam filters.

Re:This is a bitch (1)

sould (301844) | more than 11 years ago | (#6970488)

I've heard this breaks a lot of spam-catching tools



Maybe from the top of this page?

Abusing the Power that be (1)

guinness_duck (231583) | more than 11 years ago | (#6970385)

This really does smack as an abuse of power to me.

The sad part is I'm really surprised it took them this long to implement this. It's just another sign that sales and marketing analysts run companies, and make all the decesions. Even small companies face this same thing.

Re:Abusing the Power that be (5, Insightful)

ScrewMaster (602015) | more than 11 years ago | (#6970455)

Verisign has forgotten that they don't own the Internet: they were granted the power to run the root servers and manage primary DNS by the federal government. That government-granted monopoly is revocable. This is a risky maneuver, as it will have global implications. They will probably get their wrists slapped.

How Long... (3, Insightful)

jlaxson (580785) | more than 11 years ago | (#6970391)

until we get gator-type forced advertising (not just incidental unrelated ads on the page) whenever you make the slightest domain mistake? I get the feeling this doesn't bode well for the continued freedom of the internet, if one company can unilaterally do something of this magnitude. (But then again, Mr. Bush seems to get along fine.)

How can we undo this? (3, Interesting)

Anonymous Coward | more than 11 years ago | (#6970395)

Anyone have any information on whom to contact to put an end to this absurdity?

Re:How can we undo this? (5, Funny)

Anonymous Coward | more than 11 years ago | (#6970483)

Anyone have any information on whom to contact to put an end to this absurdity?

I think you mean Commander Taco. Or were you talking about that dns thing?

Strike Back with Poor Typing (3, Funny)

nightsweat (604367) | more than 11 years ago | (#6970396)

As a Denial of Service Attack Iwill continue to manually type domain names and not take typing classes.

I oughta be able to bring em to their knees in a day or two.

A google toolbar a day... (0)

Anonymous Coward | more than 11 years ago | (#6970400)

...keeps Verisign away.

first post? (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6970405)

first post! troll! hot grits! natalie portman! bsd is dying! ms winbloze sux0rz!

sorry, i couldn't resist that blank page

network operators are pissed at this (5, Interesting)

mdouglas (139166) | more than 11 years ago | (#6970406)

expect that ip to get null routed by the backbone carriers real fast.

Re:network operators are pissed at this (5, Insightful)

Wateshay (122749) | more than 11 years ago | (#6970474)

I wonder how long it will be before Verisign decides to sue the backbone carriers for some kind of unfair business practice crap.

Re:network operators are pissed at this (1)

jlaxson (580785) | more than 11 years ago | (#6970546)

Same, I wonder how long it will be before some other big company decides to sue Verisign for some kind of unfair business crap.

hmmm (1)

pardasaniman (585320) | more than 11 years ago | (#6970409)

Hmmm I guess this mean Frist Psot is really an advertisement for First Post!

Bah (0)

Anonymous Coward | more than 11 years ago | (#6970411)

I'm so sick of having to see advertising everywhere. I only have so much money to spend, I wish companies would just leave me alone.

wlel.... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6970413)

i fckued up taht frsit psot

w00t (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6970415)

first post, bitch!
hoo ha!

Shorting Microsoft (prepare for battle) (4, Interesting)

StewedSquirrel (574170) | more than 11 years ago | (#6970417)

Doesn't this this short-circuit Microsoft's attempt to capture ad revinue from all mis-typed domains through their Internet Explorer?

I always thought that a revolting misuse of monopoly power and I use Mozilla exclusively now (that was one of the primary reasons I switched, tho not the only one).

Prepare for Microsoft to be EXTREMELY UPSET. MSN's search count will be cut in 1/4 by this move too.

Watch for it.

Stewey

Re:Shorting Microsoft (prepare for battle) (0)

Anonymous Coward | more than 11 years ago | (#6970525)

What I really love is typing "google" into the address bar in IE will yield a msn search for "google" instead of attempting to contact google.com, google.net etc... Thats really innovative MS.

Re:Shorting Microsoft (prepare for battle) (1)

Sebby (238625) | more than 11 years ago | (#6970561)

Are you sure there isn't a 'browser extension' installed that hijacks 404 errors to another service's custom page?

Re:Shorting Microsoft (prepare for battle) (1)

StewedSquirrel (574170) | more than 11 years ago | (#6970600)

404 errors aren't used by Microsoft's browser by default. They rightfully return the Site's own 404 page. I don't have any extensions if you're asking me...

But, this little DNS move would not affect 404 errors (or assiciated plugins), because they occur after DNS resolution, when a resolved server returns the error.

Stewey

Which domains? (1)

duplicate-nickname (87112) | more than 11 years ago | (#6970419)

So, which domains actually return this ip address? I can't seem to find any.

Re:Which domains? (1)

digitalsushi (137809) | more than 11 years ago | (#6970492)

*mikec ~:go)host jklhadsf.com
jklhadsf.com has address 64.94.110.11
*mikec ~:go)host kjasdf.com
kjasdf.com has address 64.94.110.11
*mikec ~:go)host ssuyera.com
ssuyera.com has address 64.94.110.11

come on, this is easy.

Re:Which domains? (2, Informative)

mcpkaaos (449561) | more than 11 years ago | (#6970539)

The update was performed a short while ago and will take some time to propagate. DNS updates aren't immediate.

What? (4, Insightful)

Lord_Dweomer (648696) | more than 11 years ago | (#6970420)

So let me get this straight.....If I own http://www.hardtospelldomain.com, and someone mispells it, Verisign now has the opportunity to offer up the highest bidders site for redirects? Even potential competitors? Perhaps I'm missing something here, but wouldn't this open them to all kinds of lawsuits from companies that were affected in that way?

Re:What? (1)

JayBlalock (635935) | more than 11 years ago | (#6970529)

There WOULD appear to be a very strong case for conflict of interest, but it would take significant abuse on their part before it could stick.

Verisign just DDOSed itself (3, Funny)

diamond0 (456988) | more than 11 years ago | (#6970425)

Verisign just DDOSed itself by redirecting untold numbers of spam bounces to a single IP. Good job, guys!

Re:Verisign just DDOSed itself (2, Informative)

dzym (544085) | more than 11 years ago | (#6970491)

That's not really true. The daemon that runs on the SMTP port of the server with the IP(s?) in question will automatically close the connection once the DATA directive is issued by the client making the connection.

Verisign would look nice in gasoline and flame (5, Insightful)

netmask (8001) | more than 11 years ago | (#6970426)

This is really sad.

Not only will mail have problems, as the "non-existent domain" check will always fail.. but this is completely criminal it seems.

I hate to mention, but they are giving Microsoft a dose of their own medicine.. taking away their ability to bring you to their 'search' page for non-existent domains.. and AOL's own feature similar to that. It hurts google, since Verisign teamed with yahoo on this one for search services (Although, google provides yahoos search functionality for now).

All .com domains are resolving with an authoratitive section of Verisign's server.. and .net's with the list of root servers. It would seem that no domain should ever resolve with either of those as an authority.. The real dns server for the domain should. Hopefully BIND and other DNS packages will start blocking domains that have a root server or a verisign server as the authoratitive dns server.

Further.. they'll be harvesting bounced email addresses for sure. If you get spammed from a bunk domain, and it gets returned.. or you typo and email address.. they are nice enough to run a mail daemon on port 25 to harvest those addresses. It lets you helo, from, rcpt, and data.. and then closes your connection.. just long enough to snag all the info it wants from you.

This entire thing is a mess, and seems like it should be highly illegal. Hopefully OpenSRS and GoDaddy and others will have a fit over it. This just seems completely wrong.

Wildcards aren't resolving for me.... (1)

gid (5195) | more than 11 years ago | (#6970431)

[gid@pimpbot:~] date
Mon Sep 15 21:27:37 EDT 2003
[gid@pimpbot:~] host jskalfdsjksfjkfjdskafsda.com
jskalfdsjksfjkfjdska fsda.com does not exist (Authoritative answer)

Am I missing something? Shouldn't that resolve to that ip?

Re:Wildcards aren't resolving for me.... (0)

Second Vampyre (700228) | more than 11 years ago | (#6970524)

Maybe I got this typing random crap into my URL bar with a .com address http://sitefinder.verisign.com/lpc?url=sdlkfjsdlkj f.com&host=sdlkfjsdlkjf.com

Re:Wildcards aren't resolving for me.... (1)

Dogun (7502) | more than 11 years ago | (#6970557)

Dear Genius:

Try again tomorrow.

Is it just me? (2, Funny)

Anonymous Coward | more than 11 years ago | (#6970433)

Or is this a bit of a coincidence given story [slashdot.org]

sreb

server dead? (1)

dnotj (633262) | more than 11 years ago | (#6970437)

I got a timeout trying to reach http://www.verisignsucks.com

DDOS in the making (4, Insightful)

digitalsushi (137809) | more than 11 years ago | (#6970440)

think about it.. your dns server caches the entries it gets back, but now we can make scripts that check sequentially all the way up! crash your ISPs name servers, or crash a root server for the prize! remember kids, take down 2/3 + 1 of the root servers and it's not running on spec anymore!

Windows already does this... (1)

Prof.Phreak (584152) | more than 11 years ago | (#6970442)

So 90% of the population, instead of getting a Windows message will now get a verisign message.

Re:Windows already does this... (2, Insightful)

leerpm (570963) | more than 11 years ago | (#6970494)

Yes, but it is one thing when the application software does it. It is another matter when the network infrastructure provider does it.

Re:Windows already does this... (2, Insightful)

diamondc (241058) | more than 11 years ago | (#6970517)

But you can change your browser in Windows.

Now let's see (5, Insightful)

psyconaut (228947) | more than 11 years ago | (#6970443)

Porn companies aren't allowed to run sites with slightly mispelled names because it's considered unfair practice, but a 'registrar' is allowed to catch anything that might come their way?

-psy

Agreement by typo. (5, Informative)

Lux (49200) | more than 11 years ago | (#6970444)

This is hillarious!! They have a TOS!

By making a typo, you supposedly agree that if their site overflows a buffer in your browser and wipes your HD, they are not liable.

Okay, terrible example for many reasons, but I still think it's pretty laughable that they claim that the "user" agrees to certain terms of service by "utilizing" this little piece of indirection.

-Lux

Getting Around It (1)

jlaxson (580785) | more than 11 years ago | (#6970451)

Anybody know which root servers Verisign doesn't control, and therefore doesn't use this stupid wildcard? Or do I just not get it and this is a fact of life for now?

The ultimate domain squatter? (2, Interesting)

Eric_Cartman_South_P (594330) | more than 11 years ago | (#6970459)

Isn't this what domain squatting is? Now, EVERY single variation of a name is squatted, barring the few similar names that are legit. Crazy.

If Verisign somehow was incharge of POP3, then a wrong user name or wrong password would still log you in, but into a dummy account with spam for you to read.

Profits on many levels (1)

schwep (173358) | more than 11 years ago | (#6970460)

Just think about this, they can spin off a company to "buy" all bad domain names from Verisign, their stock price goes up because of new profits, the spin off company declares bankruptcy and everybody is happy - well sort of.

wahts the porelbm? (4, Funny)

yali (209015) | more than 11 years ago | (#6970461)

For example, if my domain name was 'somecompany.com,' and somebody typed 'soemcompany.com' by mistake...

What do you mean, "by msiatke [slashdot.org] "?

SMTP Callback (1)

Srass (42349) | more than 11 years ago | (#6970463)

Well, gee... I hope they can handle all the traffic from all of us who've got our mail servers configured to do SMTP callbacks...

Damn. I can't believe I almost miss the pit of worthlessness and apathy that was Network Solutions, now.

I'd rather resolve to goatse.cx (0, Funny)

Anonymous Coward | more than 11 years ago | (#6970464)

oh wait a minute....

no i don't.

patches? (4, Interesting)

Pathwalker (103) | more than 11 years ago | (#6970465)

I wonder how long it will be before there are patches for BIND/dnscache/etc. to remap any result containing 64.94.110.11 to a "record not found" result?

Dead already? (0)

Anonymous Coward | more than 11 years ago | (#6970466)

It worked for me for two randomly typed strings, and then I stopped getting the page and got my good ol' error messages. Very strage. perhaps we've already DOSed them?

I'm waiting until.. (1)

msgmonkey (599753) | more than 11 years ago | (#6970482)

This breaks something major, that'ill be fun. DNS is too low level to be messing around with it in this way. Sure you get IE taking you to some search page but atleast that is at the browser level and you can change your browser.

At most this should only apply to anything starting with www.. will have to check out the pdf.

Increased bandwidth (1)

Sebby (238625) | more than 11 years ago | (#6970484)

We do check the existance of domains before attempting to send out mails with our systems; if these don't fail the message gets sent, that means that much more bandwidth on our servers, the internet (bounced messages, etc...), and more of a headache than anything.

Guess I can start charging Verisign for all that extra bandwidth they're gonna generate.

Oddly enough... (1)

drinkypoo (153816) | more than 11 years ago | (#6970490)

I visited http://www.ewrljighwerlghkg.com/ [ewrljighwerlghkg.com] and I got a page which appears to belong to dotster [dotster.com] , which is actually my registrar of choice...

<img src="http://futurehome.dotster.com/images/transfil l.gif" width="1" height="10">

Is the segment of the html which I am examining.

So.... (0)

Anonymous Coward | more than 11 years ago | (#6970493)

Is this going to do anything at all to prevent domain squatting? Not really....Verisign just validated their business practice by doing it themselves. That's great.

Ok---Is this a fix? (1)

WhiteWolf666 (145211) | more than 11 years ago | (#6970495)

I don't really know much about anything....

but...

can't you just put
sitefinder.verisign.com 255.255.255.255 (or other invalid ip) in your hosts file?

doesn't that prevent sitefinder.verisign.com from resolving dns correctly? or am I wrong? i'm pretty sleepy, so I might not be thinking clearly.

Re:Ok---Is this a fix? (1)

WhiteWolf666 (145211) | more than 11 years ago | (#6970563)

sorry scratch that

i'm retarded

Re:Ok---Is this a fix? (1)

MavEtJu (241979) | more than 11 years ago | (#6970571)

That won't work since it resolves to an A record and not to a CNAME.

Spam-check useless? (1)

Istealmymusic (573079) | more than 11 years ago | (#6970505)

Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless.

How is this anti-spam check useless? Couldn't it be a simple check to modify the checking code to check for resolving to "64.94.110.11", and deny from that? It seems that no legitimate mail will come from that address (Verisign has different machines setup for different purposes, this one appears to be dedicated), or am I missing something?

netscape keywords (1)

millette (56354) | more than 11 years ago | (#6970509)

Wow! I'd never expected to find something even more misleading the netscape's use of keywords in the location bar.

Where can we sign to have this extravagant feature blown to dust?

how does it work? (1)

markov_chain (202465) | more than 11 years ago | (#6970515)

It seems that only names of the form "www.foobar.com" get resolved to verisign's search page. Anything without "www" in front is still reported as non-existing, so maybe the problems that many posters above mention about spam cross-checks won't be that significant.

An interesting way to leverage the DNS, anyway.

can you say coopt? (0)

Anonymous Coward | more than 11 years ago | (#6970520)

Yup, they done did it... coopted the internet!
it's going to give misconfigured host connectivity a case of the chromen brokesomes.

Mail trap (5, Interesting)

piyamaradus (447473) | more than 11 years ago | (#6970522)

This also traps all mail sent TO a non-existent domain. Since all RFC-compliant mail servers will follow up a negative MX response with an A lookup and connect to that IP, if you send mail to a bogus domain, it goes to verisign's server, which (currently) bounces it. Imagine the fun the federal government can have subpoena'ing those logs.

Also, you'll note the cookies that 'sitefinder' sends out, so they can uniquely track any traffic to that site. Also a fun subpoena opportunity. And did you read the fun terms of service that they claim you agree to by 'choosing to visit' their site?

I doubt this will stand. I certainly know that, as a major ISP executive, we'll be reviewing our business with Verisign.

Any way around this? (1)

ShawnD (21638) | more than 11 years ago | (#6970537)

Is there any way to configure BIND to ignore this other than picking new root servers and removing the option to use my ISPs DNS server?

I am running BIND9 on OpenBSD as a local LAN name server and DNS cache for the Internet.

30% chance of failure (4, Informative)

MavEtJu (241979) | more than 11 years ago | (#6970541)

With DNS tracer [mavetju.org] , you can see how much damage they do:

[~] edwin@k7>dnstracer -s . -o blaat.burps.ploeps.thisdomaindoesnotexistabcdef.co m
Tracing to blaat.burps.ploeps.thisdomaindoesnotexistabcdef.co m via A.ROOT-SERVERS.NET, timeout 15 seconds
A.ROOT-SERVERS.NET [.] (198.41.0.4)
|\___ M.GTLD-SERVERS.NET [com] (192.55.83.30)
|\___ E.GTLD-SERVERS.NET [com] (192.12.94.30)
|\___ K.GTLD-SERVERS.NET [com] (192.52.178.30)
|\___ J.GTLD-SERVERS.NET [com] (192.48.79.30)
|\___ F.GTLD-SERVERS.NET [com] (192.35.51.30)
|\___ L.GTLD-SERVERS.NET [com] (192.41.162.30)
|\___ D.GTLD-SERVERS.NET [com] (192.31.80.30) Got authoritative answer
|\___ B.GTLD-SERVERS.NET [com] (192.33.14.30) Got authoritative answer
|\___ I.GTLD-SERVERS.NET [com] (192.43.172.30)
|\___ C.GTLD-SERVERS.NET [com] (192.26.92.30) Got authoritative answer
|\___ H.GTLD-SERVERS.NET [com] (192.54.112.30)
|\___ G.GTLD-SERVERS.NET [com] (192.42.93.30)
\___ A.GTLD-SERVERS.NET [com] (192.5.6.30) Got authoritative answer


Personal opinion: stupid idiots who wrongly mix political goals with technical capabilities. Just because we can doesn't mean we should.

Legal Right? (0)

Anonymous Coward | more than 11 years ago | (#6970542)

What exactly gives them the legal right to just decide that they can take every non-owned domain name for their own advertising. It would seem to me that some small companies somewhere might be able to create a rather large stench about this. One can at least hope...How about this for unfair monopolistic business practice!!...

Their host is utterly broken (1)

alehmann (50545) | more than 11 years ago | (#6970544)

The site they redirect traffic too is horribly misconfigured. It will accept traffic on ports 80 and 25 but silently drop everything on other ports. So if you telnet, ssh, rsync, etc to a nonexistant domain it will hang for several minutes before timing out instead of even giving a "connection refused" message.

My Rights! My Rights! (2, Funny)

Alex Pennace (27488) | more than 11 years ago | (#6970550)

Help!

VeriSign has taken over www.lksdjglkjdslkjg44.com! This infringes on my trademark, which I have been using since 21:31 EDT. Unless VeriSign transfers that domain to me, for free, I'll sue!

Registar - Register (0)

Anonymous Coward | more than 11 years ago | (#6970552)

Since all of these supposed mis-types will resolve in a verisign web page, shouldn't they have to pay the $35/year or what ever it is to register for each and every domain that know is pointed to them?

Ok. (1)

Geekenstein (199041) | more than 11 years ago | (#6970559)

Who wants to be the first to hack a fix for this into BIND?

This is what happens Larry... (4, Funny)

MrPerfekt (414248) | more than 11 years ago | (#6970567)

when you fuck an RFC in the ass. *baseball bat on car headlight*

block em like pop up spam (0)

Anonymous Coward | more than 11 years ago | (#6970570)

hosts file

127.0.0.1 sitefinder.verisign.com

save

done.

you guys don't whine about having to do this for any other spam, why go nuts over it now? not like much will be done about it, so just block em like spam.

Legality (0)

hussain (579409) | more than 11 years ago | (#6970572)

Is this even legal? Makes me wish there was some sort of complaint service that game lawyers interesting cases to persue.

I can't confirm this is true.... (1)

halightw (539485) | more than 11 years ago | (#6970573)

I can't resolve unregistered domains even if I query VeriSign's root server itself, as per the most recent named.root file the server is 192.36.148.17 right?

I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
; operated by VeriSign, Inc.

Wow.... (1)

casings (257363) | more than 11 years ago | (#6970577)

i tried to goto mirocsotr.com [mirocsotr.com]
and that verisign page popped up. I hate verisign, i use www.domaindiscover.com as my registrar of choice... might be a good poll.

If verisign was smart.. (1)

Anonymous Coward | more than 11 years ago | (#6970583)

They would have the default page contain no advertisements and give a message like 'sorry, the domain you typed is misspelled'.

Then people would be less irritated with this change because it appears useful. 6 months later they change it to ad pop-up hell.

Coupons? (2)

_Sharp'r_ (649297) | more than 11 years ago | (#6970584)

Great... now we're all gonna get a wheelbarrow full of $5 coupons from Network Solutions that we can only use for their price-inflated products!

I already have enough toilet paper that says "register.com" on it. Guess I better go invest in a fireplace...

Gives new meaning to 'typosquatting' (1)

Sebby (238625) | more than 11 years ago | (#6970591)

Wouldn't this be considered typosquatting, especially if they try to make money off it?

Only working for .net domains... (1)

AltismoMaster (569463) | more than 11 years ago | (#6970592)

Don't know if being in Australia matters, but random domains are only defaulting to V if they end in .net.

Examples:
oifn348nfs.com [oifn348nfs.com]
oifn348nfs.net [oifn348nfs.net]
t98mklskqpz.com [t98mklskqpz.com]
oifn348nfs.net [t98mklskqpz.net]

Could be that the DNS servers are taking their time to refresh...

The worst thing about this is how one company that is sanctioned by the government that is charged with the duty to be fair - isn't.

Oh wait - was I supposed to be surprised...

Send your queries to the GTLD servers direct (4, Informative)

DragonHawk (21256) | more than 11 years ago | (#6970594)

Okay, everybody and their brother is trying to resolve "bogusdomainname.com" or whatever and finding they get a NXDOMAIN error (as they should). There are a lot of possible reasons for this, which I will simply handwave as "caching".

To see the real thing in action, query an authoritative nameserver directly. For example:


$ host www.bogusdomainname.com
Host www.bogusdomainname.com not found: 3(NXDOMAIN)
$ host www.bogusdomainname.com a.gtld-servers.net
Using domain server:
Name: a.gtld-servers.net
Address: 192.5.6.30#53
Aliases:

www.bogusdomainname.com has address 64.94.110.11
$


The first query uses the default resolver on my system, which is a local named which in turn forwards to my ISP's resolvers, which do who knows what. The second query says to ask a.gtld-servers.net, which causes the host utility to send the query directly to one of the authoritative nameservers for the GTLDs (Global Top Level Domains, as opposed to country-specific domains like .us). Then I see the current authoritative response.

They at least gave us warning (5, Informative)

jdc180 (125863) | more than 11 years ago | (#6970597)

This isn't something new, they told us it was coming. [slashdot.org] What a crock of shit. I think this shows that there needs to be some sort of accountability in this business.

I think Verisign now owes... (1, Insightful)

TheSHAD0W (258774) | more than 11 years ago | (#6970601)

Verisign now owes money to the Internic for every domain they now effectively hold. Considering how many misspelled domains get hit, I think we're going to have plenty of cash to upgrade the root name infrastructure, don't you?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?