[50236] in North American Network Operators' Group
Security of DNSBL spam block systems
daemon@ATHENA.MIT.EDU (Big_Bandwidth)
Tue Jul 23 02:17:03 2002
From: "Big_Bandwidth" <big_bandwidth@hotmail.com>
To: <nanog@nanog.org>
Date: Tue, 23 Jul 2002 02:14:05 -0400
Errors-To: owner-nanog-outgoing@merit.edu
What are the security implications of someone hacking a DNSBL (Real-time-spam-block-list) and changing the block list to include (deny email from) some very large portion or all IPv4 space?

Given that a significant number of the spam blocking lists seem to operate on a shoestring budget in someone's basement, how can we be assured that they have sufficient resources to secure their systems adequately, and monitor for intrusion 24x7?

Unless I am missing something, this would seem to be a real handy and centralized method for someone to interfere substantially with the proper operation of a few thousand email servers and hold up global email traffic for a few hours.

-BB
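One defensive check against the failure described in the message above, added here as an example (not part of the original post): before acting on a DNSBL's answers, a mail server probes addresses that must never be listed and stops using the zone if they come back listed. The zone name, canary addresses and injected lookup functions are constructed placeholders; the 127.0.0.2 / 127.0.0.1 test entries follow the convention later documented in RFC 5782.

```python
import ipaddress
import socket

TEST_LISTED = "127.0.0.2"      # RFC 5782 test entry: must be listed
TEST_NOT_LISTED = "127.0.0.1"  # RFC 5782: must never be listed

def dnsbl_name(ip, zone):
    """Build the query name: reversed octets followed by the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_lookup(name):
    """Resolve an A record; None means NXDOMAIN or lookup failure."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(ip, zone, lookup=system_lookup):
    answer = lookup(dnsbl_name(ip, zone))
    # Only answers inside 127.0.0.0/8 are listing codes; anything else
    # (for example a parked domain's real address) is not a listing.
    return answer is not None and ipaddress.IPv4Address(answer).is_loopback

def check_zone(zone, canaries, lookup=system_lookup):
    """Return 'ok', 'overlisting' or 'unresponsive' for one DNSBL zone."""
    if not is_listed(TEST_LISTED, zone, lookup):
        return "unresponsive"
    never = [TEST_NOT_LISTED] + list(canaries)
    if any(is_listed(ip, zone, lookup) for ip in never):
        return "overlisting"
    return "ok"

def should_reject(client_ip, zone, canaries, lookup=system_lookup):
    """Reject only when the zone passes its health check (fail open)."""
    if check_zone(zone, canaries, lookup) != "ok":
        return False
    return is_listed(client_ip, zone, lookup)

# Constructed sample data: a healthy zone and one that lists everything.
ZONE = "dnsbl.example"                      # hypothetical zone name
CANARIES = ["192.0.2.25", "198.51.100.25"]  # placeholder relays we trust
HEALTHY = {dnsbl_name("127.0.0.2", ZONE): "127.0.0.2",
           dnsbl_name("203.0.113.7", ZONE): "127.0.0.2"}
healthy_lookup = HEALTHY.get
wildcard_lookup = lambda name: "127.0.0.2"  # every address "listed"
```

In production the health check would run periodically and be cached rather than repeated for every connection.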