[87708] in North American Network Operators' Group
Re: sober.z to hit tomorrow
daemon@ATHENA.MIT.EDU (Elijah Savage)
Thu Jan 5 15:08:40 2006
Date: Thu, 05 Jan 2006 15:08:11 -0500
From: Elijah Savage <esavage@digitalrage.org>
To: nanog@merit.edu
In-Reply-To: <43BD6B15.6020900@wilcomm.net>
Errors-To: owner-nanog@merit.edu
Wil Schultz wrote:
>
> Wouldn't it be fun if it contained the WMF exploit in some form?
> So, I'm planning on using swatch to monitor DNS requests for the known
> affected domains. What is everyone else planning to do?
>
> -Wil
>
All the popular domains known we have puched out a global rule to our
customers to block those domains and we are blocking those domains on
the aggregate circuits/routers as a secondary precaution. I plan to
check a few times tomorrow to see if any of those domains that aren't
registered yet actually show up and possibly use netflow also.
--
http://www.digitalrage.org/
The Information Technology News Center
