Mysterious CNAME record Pointing to Network Solutions

Martin McCormick martin at dc.cis.okstate.edu
Thu Sep 6 14:22:23 UTC 2007


First, many thanks.

Stephane Bortzmeyer writes:
> 139.78.239.152 is an open recursive nameserver. This is bad in itself
> and makes it more susceptible to poisoning. This may be what happened?

Makes sense to me.

> It is also apparently a vulnerable version of BIND (9.2.4),
> susceptible to "query ID" guessing, which may aggravate the problem.
> 
> > Are there any indications that Network Solutions is doing anything
> > sneaky again similar to the wild card A record debacle of 2003 or
> > so?
> 
> This was not Network Solutions but Verisign.

	Oh!  You are so right. I, for some reason, thought I
remembered it as Network Solutions. Apologies to Network
Solutions.



More information about the bind-users mailing list