How can I block Verisign?
Mark
admin at asarian-host.net
Thu Sep 18 14:08:26 UTC 2003
Ever since Verisign horribly abused its root server privileges (which should
be revoked) and usurped all previously invalid "com" and "net" domains, I
have been looking for a reliable way to block the
"sitefinder-idn.verisign.com" (64.94.110.11) reply.
This is, of course, not trivial. Patching BIND? I have already read that
this is not without risk either, and I like to err on the side of caution.
Are there not Verisign IP addresses I can block? (at the firewall, for
instance). And is it safe to block Verisign root servers? Or would that be
pointless?
I want to tread a bit carefully here; but I am nonetheless determined to not
let Verisign get away with this (at least not on my system).
Any suggestions are welcome; thanks,
- Mark
More information about the bind-users
mailing list