[150253] in North American Network Operators' Group
Re: DNS Attacks
daemon@ATHENA.MIT.EDU (Tei)
Mon Feb 20 10:39:20 2012
In-Reply-To: <CAMhuimj6QLwtqiJYesxoH13PCoLK+Sb1ohRvH27HCDfmOjZJkw@mail.gmail.com>
From: Tei <oscar.vives@gmail.com>
Date: Mon, 20 Feb 2012 16:38:00 +0100
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I am a mere user, so I all this stuff sounds to me like giberish.
The right solution is to capture the request to these DNS servers, and
send to a custom server with a static message "warning.html". Nothing
fancy. With a phone number to "get out of jail", so people can call
to "op-out" of this thing, so can browse the internet to search for a
solution.
This or do nothing.
http://www.guardian.co.uk/world/2012/jan/18/iran-death-sentence-porn-progra=
mmer
Interpol helps Iran capture a programmer for creating porn sites.
Now, if the Interpol want you to block a DNS server, or worse, to spy
on users conecting to a DNS server. Will you help? doing nothing is
also a good option, methinks. Start medling, redirecting dns trafic,
spyiing on the user... all these things are dirty and can't end well.
(note, of course, I am a user, so I have a user opinion. )
--=20
--
=E2=84=B1in del =E2=84=B3ensaje.
