Mysterious CNAME record Pointing to Network Solutions

Stephane Bortzmeyer bortzmeyer at
Thu Sep 6 13:40:04 UTC 2007

On Thu, Sep 06, 2007 at 07:42:52AM -0500,
 Martin McCormick <martin at> wrote 
 a message of 32 lines which said:

> The individual who sent the complaint to me is the administrator for
> the DNS at is an open recursive nameserver. This is bad in itself
and makes it more susceptible to poisoning. This may be what happened?

It is also apparently a vulnerable version of BIND (9.2.4),
susceptible to "query ID" guessing, which may aggravate the problem.

> Are there any indications that Network Solutions is doing anything
> sneaky again similar to the wild card A record debacle of 2003 or
> so?

This was not Network Solutions but Verisign.

More information about the bind-users mailing list