[192882] in North American Network Operators' Group
Re: Avalanche botnet takedown
daemon@ATHENA.MIT.EDU (Justin Paine via NANOG)
Thu Dec 1 16:08:59 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <40F41E0A-B740-49FC-9A8D-B70FE55A857D@DataIX.net>
Date: Thu, 1 Dec 2016 13:06:39 -0800
To: "J. Hellenthal" <jhellenthal@dataix.net>
From: Justin Paine via NANOG <nanog@nanog.org>
Reply-To: Justin Paine <justin@cloudflare.com>
Cc: NANOG list <nanog@nanog.org>, Rich Kulawiec <rsk@gsp.org>
Errors-To: nanog-bounces@nanog.org
straight from the horse's mouth -- they said "99.99% of the 900,000
domains" have been sinkholed.
____________
Justin Paine
Head of Trust & Safety
Cloudflare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Thu, Dec 1, 2016 at 1:02 PM, J. Hellenthal <jhellenthal@dataix.net> wrote:
> 99% ? That's a pretty high figure there.
>
> --
> Onward!,
> Jason Hellenthal,
> Systems & Network Admin,
> Mobile: 0x9CA0BD58,
> JJH48-ARIN
>
> On Dec 1, 2016, at 14:56, Rich Kulawiec <rsk@gsp.org> wrote:
>
>> On Thu, Dec 01, 2016 at 05:34:26PM -0000, John Levine wrote:
>> [...] 800,000 domain names used to control it.
>
> 1. Which is why abusers are registrars' best customers and why
> (some) registrars work so very hard to support and shield them.
>
> 2. As an aside, I've been doing a little research project for a
> few years, focused on domains. I've become convinced that *at least*
> 99% of domains belong to abusers: spammers, phishers, typosquatters,
> malware distributors, domaineers, combinations of these, etc.
>
> In the last year, I've begun thinking that 99% is a serious underestimate.
> (And it most certainly is in some of the new gTLDs.)
>
> ---rsk
>
