[95563] in North American Network Operators' Group
Re: On-going Internet Emergency and Domain Names
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Sat Mar 31 10:37:22 2007
Date: Sat, 31 Mar 2007 22:45:15 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: Gadi Evron <ge@linuxbox.org>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.21.0703310915130.24495-100000@linuxbox.org>
Errors-To: owner-nanog@merit.edu
On Sat, Mar 31, 2007, Gadi Evron wrote:
>
> On Sat, 31 Mar 2007 alex@pilosoft.com wrote:
> > OK, so, do you officially declare the emergency? Should we all block the
>
> This is an emergecy incident on the scale of WMF, but no, it is indeed
> being handled. I am raising the flag on an ever increasing problem with
> DNS.
One could argue its an ever increasing problem with IP.
> This latest incident illustrates some of our operational problems with the
> security of the Internet.
Again; one could argue its also an increasing problem with IP. I wonder if
anyone can come up with methods of solving this at the IP layer..
> > There needs to be due process for these actions. And once we close this
> > vector, I'm sure that botnets will simply migrate away from DNS to some
> > other protocol.
>
> YOu shouldn't confuse TCP/IP for the control channel of the botnets which
> is IRC, HTTP, etc.
>
> DNS is not going anywhere, patch for the hosts file or not.
And I'm sure they'll migrate away from DNS when it becomes inconvienent.
I'm still pleasantly surprised how many organisations spend large amounts of
money controlling what comes in and almost never try to handle what goes -out-.
Adrian
