On Tue, Dec 03, 2002 at 04:53:05PM -0200, Henrique de Moraes Holschuh wrote:
> > When it first occurred to someone that this sort of a trick could be
> > played on people to hijack domains, an RFC came out specifying that
> > hostname resolvers should NOT append the local TLD to the requested name
> > when trying to resolve it. Sounds like you have a broken system.
> Oh, you mean they can't do as Mozilla, IE, and a lot of other
> crap^H^H^H^Hbrowsers do?
> I *seriously* doubt the system resolv libraries are doing such weirdness...
I have only ever seen browsers do this kind of nonsense. I have never seen
nslookup, dig, or host, attempt such lame lookup methods before. It
appears to me to be yet another one of the sugar-it-down-for-dummies
features that found its way into browsers, so that you can type in the URL
box "microsoft" and it will deduce that you really meant
"www.microsoft.com". (After all, don't all domains start with www and end
with .com? </sarcasm>)
PNP = Plug 'N' Pray