Verisign Certificate Expiration linked to Symantec AV issue Today, a Verisign root certificate included with Internet Explorer expired. As a result, Verisign's certificate revocation list server was not able to handle all the requests from clients attempting to contact it as a result of the expiration. Verisign, apparently to lower the load on its server, now resolves this server to non-routable 10/8 IP addresses 50% of the time. Some applications, most notably Norton Antivirus, use this server to verify certificates. In the case of Norton Antivirus, it is used to verify its signature file. As 50% of the time, users will not be able to contact Verisigns certificate revocation list, Norton Antivirus will stall. Workarounds: Verisign set the TTL of its DNS records rather short. So if you try after one minute again, you will likely get a valid IP address. If this is not an option, edit your hosts file and insert one of these IPs for 'crl.verisign.net': 198.49.161.200, 198.49.161.205, 198.49.161.206, 64.94.110.11. However, this is not recommended as a long term solution, as these IPs may change at any time. http://slashdot.org/article.pl?sid=04/01/08/1849245&mode=thread&tid=126&tid=128&tid=172&tid=95 http://www.verisign.com/support/vendors/exp-gsid-ssl.html?sl=070807 Web Defacements At least one web-defacement crew appears to use Google to find sites with vulnerable versions of 'DUGallery' installed. Recently, a number of issues regarding this product where posted to Bugtraq. As of this writing, no updates are available. http://seclists.org/lists/bugtraq/2003/Dec/0246.html False Weather Alerts A user reported that the "Weatherbug" application he is using is displaying false weather alerts. We have not identified the source of the false alerts. According to the report we received, corrections followed shortly after the false warnings had been received. Phishing sites of the day We did receive reports about spam advertising a fake Citibank site. ----------- Johannes Ullrich, SANS Institute, jullrich_AT_sans.orgI will be teaching next: Defending Web Applications Security Essentials - SANS Cyber Security West: March 2021 |
Johannes 4068 Posts ISC Handler Jan 8th 2004 |
Thread locked Subscribe |
Jan 8th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!