ICANN ICANN Email List Archives

[wildcard-comments]


<<< Chronological Index >>>    <<< Thread Index >>>

[wildcard-comments] Verisign wildcard breaks many servers which resolve using dns then hosts

  • To: <wildcard-comments@xxxxxxxxx>
  • Subject: [wildcard-comments] Verisign wildcard breaks many servers which resolve using dns then hosts
  • From: <TomJ@xxxxxxxxxxxxxxxx>
  • Date: Thu, 2 Oct 2003 19:24:26 -0600
  • Importance: Normal
  • Sender: owner-wildcard-comments@xxxxxxxxx

Verisign wildcard breaks many servers which resolve using dns then hosts

Verisign, without prior public notification or public testing added a DNS
wildcard.  All of my computers and many of my clients have been negatively
impacted to the point where some server just flat out no longer functioned.

One huge impact which basically killed a business network which I was called
in to fix:
        * Company "A" has a valid real working domain name and valid email
functioning.
        * Company "A" uses a non-existent domain name for their internal network
(say companyA-internal.com)
        * Company "A" dns servers configured to use DNS then HOST, now can't 
never
locate anything in companyA-internal.com
        * Company "A" printers no longer print, file servers can't be found, 
people
can't do their jobs!!!
        * Company "A" internal network is now broken until they can find and 
hire a
person to fix the problem.


I am a network engineer for a fairly large ISP.  Since Verisign placed their
wildcard in DNS, I have been receiving calls from customers and network
admins asking for help.

Because Verisign decided to not announce and test what they did,
tens-of-thousands of network admins have been taken away from their normal
jobs and forced into investigating networks gone crazy.







<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy