[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: keyserver.debian.org.com

On Tue, 03 Dec 2002, Steve Langasek wrote:
> On Tue, Dec 03, 2002 at 09:58:18AM -0800, Philip Brown wrote:
> > Has anyone noticed that someone has pseudo-hijacked 
> > keyserver.debian.org.com
> 
> > Is this supposed to be there?
> > It seems to be kinda worrying that someone has registered that hostname.
> > Particularly since I found it by doing a dns lookup of 
> > keyserver.debian.org
> 
> > and the host I'm on, fell through to automatically adding a .com to it,
> > and finding that address.
> 
> When it first occurred to someone that this sort of a trick could be
> played on people to hijack domains, an RFC came out specifying that
> hostname resolvers should NOT append the local TLD to the requested name
> when trying to resolve it.  Sounds like you have a broken system.

Oh, you mean they can't do as Mozilla, IE, and a lot of other
crap^H^H^H^Hbrowsers do?

I *seriously* doubt the system resolv libraries are doing such weirdness...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
Reply to: