[107306] in North American Network Operators' Group
Re: GLBX De-Peers Intercage [Was: RE: Washington Post:
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Aug 29 20:52:56 2008
Date: Fri, 29 Aug 2008 19:52:49 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Paul Ferguson <fergdawg@netzero.net>
In-Reply-To: <20080829.174338.26085.0@webmail08.vgs.untd.com>
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
On Sat, 30 Aug 2008, Paul Ferguson wrote:
> I applaud GLBX's move to disconnect Atrivo/Intercage.
>
> What the Armin/McQuaid/Jonkman report [1] documented are activities
> that many of us in the security community have known for a couple
> of years.
>
> One thing that Krebs _didn't_ mention in his WaPo article are the
> large number of rogue DNS servers that also reside there. A couple
> of colleagues, Feike Hacquebord, Chenguai Lu, et al., presented a
> paper at the Virus Bulletin conference last year [2]. While the
> paper is almost a year old, that particular situation has gotten
> progressively worse.
>
> My only concern here is that by the publicity this issue continues
> to receive, these activities will just move else where, like
> scurrying cockroaches (like what happened with AS40989).
>
> One step at a time, I suppose.
Yep, I am almost intrigued to see where they move. They'd move eventually
anyway, the question is if we can then gripe about other countries not
being responsive and approach that problem, or have to drive by their
building to the office every morning?
Gadi
