Versign creates man-in-the-middle attack on DNS
Tim May
timcmay at got.net
Mon Sep 15 19:50:09 PDT 2003
On Monday, September 15, 2003, at 07:24 PM, Neil Johnson wrote:
> Just a few hours ago Versign modified the Internet's root DNS servers
> to
> respond to ANY DNS lookup that doesn't resolve in a real hostname to
> return
> the IP address of one their servers where they claim to have a search
> engine.
>
> For example, if you access http://www.thisisjunk55666.com , you will
> get a
> Verisign page, not a "Host can not be found error".
>
> This means that many anti-spam checks will fail among other issues.
>
> They will also intercept mail to mistyped email hosts (They claim to
> reject
> the mail, but not after having collected the From and To address).
>
> This really bites.
I didn't get a Verisign page...I go the usual error.
"Could not open the page �http://www.thisisjunk55666.com/� because the
server �www.thisisjunk55666.com� could not be found."
--Tim May
"We are at war with Oceania. We have always been at war with Oceania."
"We are at war with Eurasia. We have always been at war with Eurasia."
"We are at war with Iraq. We have always been at war with Iraq.
"We are at war with France. We have always been at war with France."
More information about the cypherpunks-legacy
mailing list