[wildcard-comments] Verisign wildcard breaks many servers which resolve using dns then hosts
- To: <wildcard-comments@xxxxxxxxx>
- Subject: [wildcard-comments] Verisign wildcard breaks many servers which resolve using dns then hosts
- From: <TomJ@xxxxxxxxxxxxxxxx>
- Date: Thu, 2 Oct 2003 19:24:26 -0600
- Importance: Normal
- Sender: owner-wildcard-comments@xxxxxxxxx
Verisign wildcard breaks many servers which resolve using dns then hosts
Verisign, without prior public notification or public testing added a DNS
wildcard. All of my computers and many of my clients have been negatively
impacted to the point where some server just flat out no longer functioned.
One huge impact which basically killed a business network which I was called
in to fix:
* Company "A" has a valid real working domain name and valid email
* Company "A" uses a non-existent domain name for their internal network
* Company "A" dns servers configured to use DNS then HOST, now can't
locate anything in companyA-internal.com
* Company "A" printers no longer print, file servers can't be found,
can't do their jobs!!!
* Company "A" internal network is now broken until they can find and
person to fix the problem.
I am a network engineer for a fairly large ISP. Since Verisign placed their
wildcard in DNS, I have been receiving calls from customers and network
admins asking for help.
Because Verisign decided to not announce and test what they did,
tens-of-thousands of network admins have been taken away from their normal
jobs and forced into investigating networks gone crazy.