[150258] in North American Network Operators' Group
Re: DNS Attacks
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Feb 20 12:01:46 2012
To: Tei <oscar.vives@gmail.com>
In-Reply-To: Your message of "Mon, 20 Feb 2012 16:38:00 +0100."
<CACg3zYFe3dtUP08dE-GaQ89peHpmMTW0rfsA1rB3Hb6HnOP5bA@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 20 Feb 2012 12:00:20 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1329757220_3436P
Content-Type: text/plain; charset=us-ascii
On Mon, 20 Feb 2012 16:38:00 +0100, Tei said:
> The right solution is to capture the request to these DNS servers, and
> send to a custom server with a static message "warning.html".
Not all DNS lookups are for websites. The lookup could be for NTP, or SMTP,
or ssh, or a World of Warcraft server, or....
--==_Exmh_1329757220_3436P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBT0J8JAdmEQWDXROgAQJdRA/6A7AlduGGWFX6YuCDbs5cZ6Ac9teQExNo
woVd9i46roQREYIKoqHJlbswZFBgVMKmE1SXFAmtn2MW1k85BhZ3AwosZpRUJFTF
3QLu1b6Id2YFGrnu6+e20/FAeVGWA46p6cyQEId9smQTz9codnDN//cl6jDqM+Vp
aRyf/Q60PaeFJVw+HJhhC+kBuPwLz+x8sMI1Ctwfovpe1hCDZauHKwvtpRc0CW84
JTlhrj0hWQ5CunIqgi/KLqxemjMBuaQjB4I/dZFyhIqAlLmUgi/vI7rB63JLIKhr
4iLopwE4pLu8Je4r9yvJ9aGfXx8dTlWsKFjFGvMOqOp35Iwe7DgTS5yR5J5yah40
jnBuu1OAlOiEUt1mr/KPIrtxerCXP9b+vMAyFfALvc9dLm1no9MWfttXkE3xlsVQ
YxKXk5+26c0u64jNJXqfdBmrUoUEwiGXdoT33u8CfvoBv9tO+oYFPBrkBS3KTpKo
94J1yfIoOkzyyvbinWtT0r7iHSt4LzmX8VYsrm3QaK4AYThiNQGvgLTXinQt3Zes
ZGzkBC4jR1tchl1BqEUtL7xIIe8B0qO8eSzNeRD6am9fiXJRMPnVs83ZVDZFDyEX
oiVx4WjS9qGJJe3z9te5bM0v2GREBGGugp6xYYbKkI5DbLc3givOKLXOXsBTLKzi
HZnIxnXnUXY=
=2K7H
-----END PGP SIGNATURE-----
--==_Exmh_1329757220_3436P--
