[95676] in North American Network Operators' Group
Re: On-going Internet Emergency and Domain Names
daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Apr 1 22:40:12 2007
Date: Sun, 1 Apr 2007 21:32:59 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Paul Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: <g3lkhbn1nv.fsf@sa.vix.com>
Errors-To: owner-nanog@merit.edu
On 1 Apr 2007, Paul Vixie wrote:
>
> ge@linuxbox.org (Gadi Evron) writes:
>
> > On Sun, 1 Apr 2007, Adrian Chadd wrote:
> >
> > > Stop trying to fix things in the core - it won't work, honest - and start
> > > trying to fix things closer to the edge where the actual problem is.
> >
> > Thing is, the problem IS in the core.
>
> nope. read what he wrote-- "it won't work, honest". the problem is on the
> front-end, an "edge", specifically in the way domain tasting works. does
> anyone really believe that there will ever again be a million domains added
> to the DNS in a 24-hour period? (of course not.) then why do verisign and
> the other TLD registries have to cope with many millions of updates per day?
> if we solve THAT problem, which is difficult and barely tractible, then the
> "dns core" will go on as before, working just fine all the while.
>
> > DNS is no longer just being abused, it is pretty much an abuse
> > infrastructure.
>
> do you mean DNS or do you mean every Internet technology including IP, UDP,
> TCP, ICMP, BGP, etc; plus most non-Internet-specific technologies including
> ASCII, Unicode, 32-bit, 64-bit, and binary?
>
> "the internet, and technology in general, is no longer just being abused,
> it is pretty much an abuse infrastructure." <--- i'd agree with *that*.
> (but this is not the first time I've been irritated that I can't choose which
> other humans to share the galaxy with and which ones I'd like to kick out.)
I stand corrected, the Internet is obviously the problem and botnets are
the very seriosu symptom, but consider:
This is not a DNS server being abused, it is the infrastructure. The
"network", centralized and de-centralized.
So yes, DNS has become an infrastructure for abuse even if the Internet
itself is not very safe.
Gadi.
> --
> Paul Vixie
>
