[62133] in North American Network Operators' Group


RE: What *are* they smoking?

daemon@ATHENA.MIT.EDU (Matthew Kaufman)
Tue Sep 16 11:33:03 2003

From: "Matthew Kaufman" <matthew@eeph.com>
To: "'Tomas Lund'" <tlund@swip.net>,
	"'Chris Adams'" <cmadams@hiwaay.net>
Cc: <nanog@merit.edu>
Date: Tue, 16 Sep 2003 08:32:29 -0700
In-Reply-To: <Pine.LNX.4.53.0309160312340.24279@seven.swip.net>
Errors-To: owner-nanog-outgoing@merit.edu


And then Verisign starts using multiple IP addresses and rotating through
them. And then they stop giving any other clues that it is a wildcard
record. Great. Just what we need... To be in an escalating war with the
people running the root nameservers.

Since it is clearly in Verisign's business interest to make it impossible
for you to tell when you've been handed one of the wildcard replies, I don't
see this stopping any time soon.

Matthew Kaufman
matthew@eeph.com

> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On
> Behalf Of Tomas Lund
> Sent: Monday, September 15, 2003 6:14 PM
> To: Chris Adams
> Cc: nanog@merit.edu
> Subject: Re: What *are* they smoking?
>
> On Mon, 15 Sep 2003, Chris Adams wrote:
>
> > It appears that the most reliable way to detect a wildcard response
> > for 'somedomain.tld' is to query for '*.tld'; if the results match,
> > then 'somedomain.tld' doesn't really exist.
>
> Just make up a number of fake domains and resolve them. If
> they return the same answer, that's the answer to change back
> into NXDOMAIN.
>
> //tlund
>
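
The made-up-names check from the quoted message, together with the address-rotation case raised in the reply, as an added example that is not part of the original thread. All function names, the `example` TLD, the documentation-range addresses and the fake resolver (a stand-in for a registry with a wildcard record) are constructed assumptions.

```python
import secrets
import socket

def system_resolve(name):
    """IPv4 addresses for name via the system resolver; empty set on failure."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:
        return set()

def probe_wildcard(tld, resolve=system_resolve, probes=5):
    """Resolve random made-up names under tld.

    Returns the union of addresses seen when every probe got an answer
    (a wildcard is in place), or an empty set if any probe failed.
    """
    seen = set()
    for _ in range(probes):
        answer = resolve(f"{secrets.token_hex(12)}.{tld}")
        if not answer:
            return set()          # a made-up name did not resolve: no wildcard
        seen |= answer            # union, so rotating addresses accumulate
    return seen

def filter_answer(name, wildcard_addrs, resolve=system_resolve):
    """Return name's addresses, or None (treat as NXDOMAIN) when the answer
    is empty or consists only of known wildcard addresses."""
    answer = resolve(name)
    if not answer or answer <= wildcard_addrs:
        return None
    return answer

# Constructed sample data: one registered name and a rotating wildcard pool.
REAL = {"registered.example": {"198.51.100.7"}}
WILDCARD_POOL = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]

def make_fake_resolver(pool):
    """Offline resolver: unknown names get the next address from pool."""
    state = {"n": 0}
    def resolve(name):
        if name in REAL:
            return set(REAL[name])
        state["n"] += 1
        return {pool[state["n"] % len(pool)]}
    return resolve
```

With a single probe against the three-address pool, a later nonexistent name comes back with an address the probe never saw and passes the filter, which is the failure mode the reply describes.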

