[87968] in North American Network Operators' Group
Re: GoDaddy.com shuts down entire data center?
daemon@ATHENA.MIT.EDU (Simon Waters)
Mon Jan 16 05:39:33 2006
From: Simon Waters <simonw@zynet.net>
To: nanog@nanog.org
Date: Mon, 16 Jan 2006 10:43:01 +0000
In-Reply-To: <200601160605.k0G65BFS015643@world.std.com>
Errors-To: owner-nanog@merit.edu
Doesn't this fall under bad things happen.
Hopefully it is very clear to all on NANOG that DNS changes can have
unforeseeable consequences, because of the nature of the delegation in the
DNS.
As such pulling DNS records (or zones) you don't fully understand the usage
of, as a response to a security/spam problem, is generally a bad idea.
That said ultimately a decision has to be taken, relative benefits versus
risks.
I'm very grateful someone arranged that all records used by the "MINIT" trojan
now point to an RFC1918 private address space*, having found infected boxes
failing to download their payload as a result. However pulling DNS records
probably doesn't belong in the hurly burly of front line support.
Simon
*Anyone going to check how many DNS servers are still caching "asfasf.ath.cx",
to tell how many boxes "nearly" downloaded the payload? In the style of the
Sony DRM fiasco measurement.
