Re: NetReg: CommonName

New Message	Reply	Date view	Thread view	Subject view	Author view	Attachment view

From: John Hascall (john@iastate.edu)
Date: Fri Aug 30 2002 - 10:49:52 CDT

Next message: Robert Lowe: "Re: NetReg: More than one Allowable Domain?"
Previous message: Robert Lowe: "Re: NetReg: CommonName"
In reply to: Robert Lowe: "Re: NetReg: CommonName"
Next in thread: Eric Gauthier: "NetReg: Counting issue"
Reply: Eric Gauthier: "NetReg: Counting issue"

> "King, Michael" wrote:
> CommonName didn't break DNS, it broke the browser. In addition to
> attempting to lookup "common names", this application tracks your
> web usage. Verify with a sniffer or tcpdump whether it attempts to
> go back to commonname.com to look up even the redirect, which in this
> case forces it into a never-ending loop. ...

  Absolutely, this commonname this is real scumware.
  The system we use is a little different than 'NetReg'
  but we saw the same looping problems -- but more
  important is the spying (from our logs):

Peer: 10.11.173.50
Time: 'Sun, 18 Aug 2002 19:58:55 GMT'
Line: 'GET /BarInfo.asp?lc=en&url=https://asw.iastate.edu/cgi-bin/acropolis/pnp?destination=http://www.microsoft.com/isapi/redir.dll
&vs=2.3&fv=0&ver=2.30&edn=bb&ds=iMesh(bb%202.30)&un=NU2NV6NWFMS7PWFMQ2DUFME6NW5M-&sn=D6151E9F-16E1-456E-A2CD-937E598204CE&pn=52782-O
EM-0009147-00557&cc=USA&ll=enu HTTP/1.1'
Line: 'Accept: */*'
Line: 'Accept-Language: en-us'
Line: 'Accept-Encoding: gzip, deflate'
Line: 'User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)'
Line: 'Host: www.commonname.com'
Line: 'Connection: Keep-Alive'
Line: 'Cookie: CNDATE=WEEKDAY=7&DAY=11&MONTH=5&YEAR=2002'
Line: ''

  Note how it is sending form field data from a HTTPS page to
  them (and over port 80 in the clear, no less!). This fact
  was enough to get them totally banned at our border router.

  In addition to a special page to tell people to uninstall
  this P.O.S. y'all might consider whether or not you want
  it sending 'secure' info through your border routers too...

John

**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************

Next message: Robert Lowe: "Re: NetReg: More than one Allowable Domain?"
Previous message: Robert Lowe: "Re: NetReg: CommonName"
In reply to: Robert Lowe: "Re: NetReg: CommonName"
Next in thread: Eric Gauthier: "NetReg: Counting issue"
Reply: Eric Gauthier: "NetReg: Counting issue"

New Message	Reply	Date view	Thread view	Subject view	Author view	Attachment view

This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:38 CDT