In case you didn't see the news on Slashdot (I didn't--someone had to tell me), it seems that Verisign has decided to demonstrate their evil in a way that I thought only Microsoft would:
As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was 'somecompany.com,' and somebody typed 'soemcompany.com' by mistake, they would get VeriSign's advertising.
Okay, everyone. Let's all say it together: Fuck Verisign!
In case you haven't already done so, now would be an excellent time to move your domains to a more sensible registrar. I moved all mine to OpenSRS a while ago and have never looked back.
Consider making an appropriate entry for 64.94.110.11 in your routing table and/or firewall.
Some are reporting that not all the root severs have the wildcard yet. I found that it worked sometimes but not others.
See Also: I feel so dirty...