>IMHO it really depends on how long will Verising keep this fuck-up. If >they back step in a week/month it's not worth dedicating them a plugin.
Personally, I think it's entirely fine to hammer them into submission. If they want to broker everyone's packets, so be it. Just think of all the wonderful marketing opportunities selling statistics about packets to people! Want to know the most popular mis-spelling of your companys website? No problem! The depths to the incidental marketing are endless. Someone still has to sort and sell all that, which leads me on to... This will probably go on until the Next Big Worm comes out and just randomly tries names to infect. Every time the worm has a miss, it goes to verisign and hammers their servers. While the servers themselves seem pretty well locked down, it's still a nice bit of traffic and I certainly wouldn't want to be on the receiving end of it. And while it's true worms usually crawl-by-ip, some cowboy somewhere will probably break this paradigm just for the sake of messing with Verisign. Even better if there's a Big Exploit released which only works by name-mangling (Apache/IIS), this pretty much guarantees the worm's MO will include lots of DNS name randomness. Thanks, Joshua Knarr
