You know, I'm wondering.. if everyone in the world all wrote a little perl script to do a million HTTP GETs of some domain that doesn't exist, they wouldn't really be guilty of any network flooding, since they _should_ be getting domain not found errors and the problem being restricted locally to that script...so it seems as though it would be Verisign's own fault for specifically redirecting these queries to their own server - which I doubt could handle a few million per second.
The same would apply I believe for a domain that someone registered but didn't have configured properly; it'd be an attempt to flood one's own servers, but Verisign would redirect all that flooding to themselves.
The naturally logical way Verisign would want to stop all that flooding would be turning the sitefinder service off, which would cause everyone's little script to just sit there and be unable to resolve DNS, remaining dormant.
Just thinking out loud :\
- [Full-Disclosure] Verisign abusing .COM/.NET monopol... Thor Larholm
- Re: [Full-Disclosure] Verisign abusing .COM/.NE... Joshua Levitsky
- Re: [Full-Disclosure] Verisign abusing .COM... Joshua Levitsky
- Re: [Full-Disclosure] Verisign abusing ... Craig Pratt
- RE: [spam] Re: [Full-Disclosure] Ve... Jonathan A. Zdziarski
- RE: [spam] Re: [Full-Disclosure] Ve... Exibar
- Re: [spam] Re: [Full-Disclosur... Samurai
- Re: [spam] Re: [Full-Discl... Vincent
- Re: [Full-Disclosure] Verisign abusing .COM... Brian Hatch
- Re: [Full-Disclosure] Verisign abusing ... Michael J McCafferty
- Re: [Full-Disclosure] Verisign abus... Kilian CAVALOTTI
- Re: [Full-Disclosure] Verisign abus... Jonathan A. Zdziarski
- Re: [Full-Disclosure] Verisign abusing .COM... SF Admin
- Re: [Full-Disclosure] Verisign abusing .COM... Joshua Levitsky
- Re: [Full-Disclosure] Verisign abusing ... Michael Scheidell
