[rescue] The Verisign Exploit

Sheldon T. Hall shel at cmhcsys.com
Wed Sep 17 16:28:43 CDT 2003

Patrick Giagnocavo +1.717.201.3366 says ...

[snip my plea for a patched version of BIND to fix the Verisign Problem]

> Don't need that.  Just add an entry to /etc/hosts for
> sitefinder.verisign.com that redirects to localhost or a site of your
> choice.  For multiple people that are using your DNS, make yourself
> authoritative for that FQDN and serve up whatever you want in its stead.

Yeah, I like that.

I already have a ton of ad-ware sites in my machine's hosts file, but I
haven't bothered to put 'em in my DNS server.

Isn't there a script somewhere that turns a hosts file into proper zone
files for DNS?


More information about the rescue mailing list