1) My ISP's nameserver still points sites like
http://www.nonexistent-domain-nothin...sitefinder.com
to 64.94.110.11. However, the browser is unable to connect to the webserver there.

2) Hasn't been the Sitefinder DDoS'ed? I bet it was or it will...

3) There are many feasible DDoS scenarios available, for instance
feeding e-mail addresses like
random_number@www.nonexistent-domain...sitefinder.com
to the spambots, bringing traffic to



from a porn site or a Web forum... Haven't Verisign expect that?

TJP

Gandalf Parker wrote in message news:...
> [copied from my ISP's newsgroup]
>
> Verisign's put in a wildcard A record for .COM and .NET that points at
> 64.94.110.11. Now any previously unresolvable DNS lookups resolve to a
> server hosting an Overture search page sponsored by Verisign.
>
> This breaks "unresolvable address" mail checks, among other things. It
> also makes several types of network troubleshooting more difficult if
> you're doing your own DNS. Things that would be obviously broken before
> now will resolve to an address (though not the one you expected).
>
> Verisign's description of the process is here:
>
> http://www.verisign.com/resources/gd...ementation.pdf
>
> Some people have already started distributing BIND patches that map a
> response of 64.94.110.11 to unresolvable. Opinions?