[62941] in North American Network Operators' Group
RE: Another DNS blacklist is taken down
daemon@ATHENA.MIT.EDU (Justin Shore)
Wed Sep 24 14:14:47 2003
Date: Wed, 24 Sep 2003 13:07:37 -0500 (CDT)
From: Justin Shore <listuser@numbnuts.net>
To: nanog@merit.edu
In-Reply-To: <004501c382c2$32f550f0$1c00a8c0@Andrew>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 24 Sep 2003 andrew2@one.net wrote:
> Perhaps, but it also seems like moving an RBL onto a P2P network would
> make poisoning the RBL far too easy...
That's what I was getting ready to suggest. As it stands now we have at
least somewhat of an assurance that the zone we're working with isn't
tainted. I only use DNSBLs that offer zone transfers. I only get an AXFR
from authorized NSs for that DNSBL. Assuming that NS hasn't been
compromised I feel fairly safe in assuming that the data I'm getting is
valid. It might not be but I feel that it is. If a P2P system was
devised for distributing RBL zones then some form of validation for the
distributed zones will have to be created. That would most likely involve
a central server. Now you have a server to DDoS again. *sigh* We should
just educate spammers with clue-by-fours and make the world a better
place.
Justin