Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Privacy leak in VeriSign's SiteFinder service #2
From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Wed, 24 Sep 2003 15:45:23 -0400 (EDT)

Verisign does NOT reject the connection until AFTER the MAIL FROM:
and RCPT TO: fields have been communicated by your email server.

The "server" they had completely ignored, as far as anyone could tell,
all input: you could type total garbage lines and get exactly the same
canned sequence of responses.

Note the past tense.  Now, when I connect there, I get a 521
"greeting", from some host that apparently believes it lives in a new
TLD .11 (apparently not content with inventing new .com and .net names,
they've now invented a whole new TLD - at least this one they didn't
actually put in the DNS):

% telnet yyaahhoooo.com 25
Connected to yyaahhoooo.com.
Escape character is '^]'.
521 Recipient domain does not exist
Connection closed by foreign host.

They could (AND SHOULD) REJECT from the initial connection,

Actually, the wildcard shouldn't have been inserted in the first place;
when it was, .com and .net should have been immediately handed over to
a more ethical custodian.  But Verisign doesn't seem willing to remove
the wildcard on their own (hardly surprising), and ICANN appears
unwilling to do more than scold (depressing, but not really surprising).

Bad, verisign.  Very bad.

Well, yes, but we knew _that_ from the day the wildcard went in.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse () rodents montreal qc ca
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]