[56990] in North American Network Operators' Group
Re: how to get people to upgrade? (Re: The weak link? DNS)
daemon@ATHENA.MIT.EDU (Dave Israel)
Wed Mar 26 10:34:01 2003
From: Dave Israel <davei@algx.net>
Date: Wed, 26 Mar 2003 10:33:25 -0500
To: Paul Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: how to get people to upgrade? (Re: The weak link? DNS) (Paul Vixie)
Reply-To: davei@algx.net
Errors-To: owner-nanog-outgoing@merit.edu
On 3/26/2003 at 15:24:18 +0000, Paul Vixie said:
[snip]
> so here's a proposal. we (speaking for ISC here) could add a config option
> (default to OFF) to make bind send some kind of registration packet at boot
> time, containing an e-mail address for a technical contact for that server,
> and perhaps its hostname as well. the destination would be configurable, and
> the format would be open, and we would include in the distribution a tool
> capable of catching these. any campus/WAN admin who wanted to run their own
> "BIND registration system" could do so. anyone who wanted to simply config
> their server to send registration data to ISC could do so. for data received
> at ISC, we'd (a) keep it completely private other than public statistics,
> (b) clean it of obvious trash (some people will sent registration data for
> president@whitehouse.gov just for fun; we know that), and (c) use the contact
> information only in the event that a security defect discovered in that
> version. remember, the default would be OFF.
I'm not sure this helps. The people who don't subscribe or pay
attention to CERT advisories are the same ones that won't turn this
option on. It is like the cache option in Apache; the people who
would get the most benefit, the ones with mainly static web pages, are
the same ones who do not know to turn it on.
-Dave
