[wildcard-comments] Verisign wildcard DNS effecting current Domains
Verisigns wildcard DNS can effectively high jack, existing FTP access to domains that are currently in good standing and are not registered through them. I have tried the following, after receiving a complaint that a customers login did not work. FTP directly into the host name, with the wrong login and the FTP gets directed to 64.94.110.11:21 all in the same session ( a Verisign address ) after failing the login process. I have the logs to prove this despicable highjacking of access to a Domain, and the support time required to address this issue. Find log posted below without the Domain details showing the redirect to verisign. This is a blatant Security Risk on all FTP. ( Domain and IP hidden to protect the Fortune 500 Company, full details available on request by Authorized ICANN representative ) WINSOCK.DLL: WinSock 2.0 WS_FTP LE 5.08 2000.01.13, Copyright © 1992-2000 Ipswitch, Inc. - - connecting to 66.*.*.*:21 Connected to 66.*.*.* port 21 220- FTP Server WAR-FTPD Ready Host type (1): WarFTPD 220 Please enter your user name. USER LOGINNAME 331 User name okay, Need password. PASS (hidden) 421 Password not accepted. Closing control connection. ! Logon failure, so quitting - - connecting to 64.94.110.11:21 ! Connection failed **********.com - connection refused ! Connection failed **********.com - - connecting to 64.94.110.11:21 ! Connection failed **********.com - connection refused ! Connection failed **********.com I hope this matter is taken seriously as this is now a major Security ISSUE. I can be contacted at the telephone number below. Carl C.Dalton Inc 305-758-4056 |