Mysterious CNAME record Pointing to Network Solutions
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Sep 6 13:40:04 UTC 2007
On Thu, Sep 06, 2007 at 07:42:52AM -0500,
Martin McCormick <martin at dc.cis.okstate.edu> wrote
a message of 32 lines which said:
> The individual who sent the complaint to me is the administrator for
> the DNS at 139.78.239.152.
139.78.239.152 is an open recursive nameserver. This is bad in itself
and makes it more susceptible to poisoning. This may be what happened?
It is also apparently a vulnerable version of BIND (9.2.4),
susceptible to "query ID" guessing, which may aggravate the problem.
> Are there any indications that Network Solutions is doing anything
> sneaky again similar to the wild card A record debacle of 2003 or
> so?
This was not Network Solutions but Verisign.
More information about the bind-users
mailing list