Slashdot Mirror
Blocking SiteFinder Service
apankrat writes "Given VeriSign's position on wildcard redirection service, it looks like it's time for a simplier and more efficient ways of bringing things back to where they were. For those running BIND there is a patch;
for those on the client side - there is a dnsfix for Windows and the usual iptables hackery under Linux. Aware of any other clean and easy ways to block wildcarding ? Post below."
I blocked the sitefinder with PF on my firewall. Not very elegant but it worked. Wildcard domains still resolve, but I don't get that stupid sitefinder thing anymore.
/.ing: http://www.whois.sc/verisign-dns/
I will be doing the BIND patch later when I have more time.
ps: go vote at the new site as the petitiononline site was killed by the previous
/* oops I accidentally made a comment, sorry */
here.
version 1.16 is ok.
others have fixes, too, you can find them in this place.
hope I have helped,
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
it looks like it's time for a simplier and more efficient ways
And it looks like it's time for a simplier and more efficient way to spell-check submitted articles.
Opinions on the Twiddler2 hand-held keyboard?
how do I go about explaining to my ISP that this needs to be blocked?
I added this to my FORWARD rule on the Firewall:
iptables -A blocked_sites -p TCP -d 64.94.110.11 -j REJECT --reject-with icmp-host-unreachable
Will be doing the DNS patch soon. But this works for now.
Chris Southern
-- MarkusQ
The way I've dealt with it under both XP & OS X is to modify etc/hosts.
Under OS X, Solaris, Linux, etc., it's "/etc/hosts". Under Windows XP, it's "C:\Windows\system32\drivers\etc\hosts"
In either case, add this to the end of the file:
0.0.0.0 sitefinder.verisign.com
Wah-lah!
the clock on the wall says 4 til 7
Why is this story filed under "Your Rights Online?"
Verisign switched from their buggy, not SMTP-compliant mailrejector "Snubby Mail Rejector Daemon v1.3" on 64.94.110.11 towards postfix (according to the banner)?
...
$ telnet oauwnxtrgqoiezrfgnxocrzq.net 25
Trying 64.94.110.11...
Connected to oauwnxtrgqoiezrfgnxocrzq.net.
Escape character is '^]'.
220 sitefinder.verisign.com VeriSign mail rejector (Postfix)
At least, they are now able to bounce properly
/graf0z.
Boy, that article really sticks it to Verisign. What the fuck were they thinking? You don't go and mess with a fundamental error behavior in something as critical as DNS. I've heard of corporate greed, but this is just unacceptible.
The only concern I have with ISC's fix to BIND is that they just filter for that one IP address (64.94.110.11)... all Verisign has to do is change the IP in their wildcard A-record and we'll be back to square one.
I hope more people bring lawsuits against Verisign and that Verisign gets their proverbial ticket yanked, i.e., that they are no longer allowed to be the top-level registrar. Fuck them... they blew it.
If you want to block sites just use a local proxy config. As fas As I know it works under ALL O.S. http://www.schooner.com/~loverso/no-ads/
7680 MB Disk,192 GB Transfer,
Patch 'em up and move 'em out...
Warning: This signature may offend some viewers.
Which should mean that mail etc. will be unaffected.
acl verisign dst 64.94.110.11
http_access deny verisign
i am totaly against this site finder &#@*&# here is what i did.. i added a static route for ip 12.158.80.10 with my PC IP address as the gateway. this will simply create a timeout when ever your pc tries to access 12.158.80.10 .. might not be the best solution for the problem but since i have no control over my dns this was a simply and easy trick.
http://iesucks.org
The best solution short of carpet-bombin Verisign corporate headquarters is to use one of the actual "fixes" for the problem like the Bind 9.2.2rc3 patches. This patched version of Bind and the appropriate config lines causes bind to ignore all lookups in the GTLD servers that return something other than a delegation. This prevents the lookups from returning 64.94.110.11 and ensures that the proper NXDOMAIN value is returned instead.
On my windows network I mistyped a name to a network share, and got a username/password required to access this resource prompt. Now I find that Verisign can intercept all traffic to mistypedhost.mycompany.com, they must be intercepting a godawful lot of awfully tasty traffic.
Interesting discussion tonight with Verisign/Network solution supprot line (Worldwide: +1-703-742-0914 then 2 then 7). I was complaining that while trying to reach my own mydomain.com (true name replaced here) I did a mistake and was drag to sitefinder.verisign.com and that i didn'' agree with that. The man then went straight to tell me that I should buy misplling variants of my domain name !!! I couldn't believe my ears ! I regret I hadn't a lawer to record the conversation ...
The man just agreed finaly it was not possible to buy all possible mistyppings in all languages keyboards lay-outs.
After a few minutes of exchanges (the total communication lasted for 12 minutes) the man finally failed to understand that I just wanted my IP to be excluded from siteFinder system, which I was telling him from the begining. Anymay, he then asked if I was the owner of the mis-typed name and I had to admit I was not. His point was that since I was not the owner of the mis-typed domain I had no right on it. True.
Now I reversed the charge and asked him if Verisign was the owner of the mis-typed domain and he was forced to admit that the answer was "no".
As we reached a dead end by this way we finally courtesy closed the conversation that is very interesting in my point of view.
The summary of this conversation is that :
- Network Solution is actively trying to use sitefinder mess to sell mis-typed domains, which may be reprehensive in some way (I am not a lawer, but if you bring somebody to some place against his will in order to solicitate him to buy something it may be illegal) ;
- Verisign must admit that it doesn't own the mis-typed domains. I don't know if there is an implication of that, through.
Until yesterday that is. I typoed a domain name and was suddenly looking at the damned Sitefinder page again.
I pinged the web address of the Sitefinder page and I was getting a different IP address than before. They either moved the damnable thing or they've started playing musical chairs to try to force it past people's barricades. I'm now seeing it at 12.158.80.10
How's that for a "service"?
Quoth he
"It's all academic anyway..."
These people aren't just redirecting domains. .com out of my domain and get to sitefinder! they have stolen my domain!
/. them too?
I leave the . in the
yea, that
"Copyright(C) 2003 VeriSign, Inc. All Rights Reserved"
they have at the bottom of the sitefinder page.
No, im not respecting their copyright. Gonna download that page, then mirror it on my page, then distribute it all over kazaa and overnet...
Oh yes, does anyone here mind if we
DDoS verisign?
Make it a sign of protest.
Hopefully they will learn to stop when their bandwidth gets choked.
-Grumpy sitefinder user.
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.