[96660] in North American Network Operators' Group
Re: Interesting new dns failures
daemon@ATHENA.MIT.EDU (Gadi Evron)
Mon May 21 08:15:37 2007
Date: Mon, 21 May 2007 07:12:28 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: "Chris L. Morrow" <christopher.morrow@verizonbusiness.com>
Cc: Roger Marquis <marquis@roble.com>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0705210441140.8022@marvin.argfrp.us.uu.net>
Errors-To: owner-nanog@merit.edu
On Mon, 21 May 2007, Chris L. Morrow wrote:
>
>
>
> On Sun, 20 May 2007, Roger Marquis wrote:
>
> > > If not, have any root nameservers been hacked?
> >
> > To partly answer my own question, no. The data returned by root
> > (gtld) nameservers is not changing rapidly. Thanks for the pointers
> > to "fast flux" too. Wasn't familiar with this attack or terminology.
> >
> > All the same, it would seem to be an easy and cheap abuse to address,
> > at the gtlds. Why are these obvious trojans are being propagated by
> > the root servers anyhow?
>
> the root servers are responsible how exactly for the fast-flux issues?
> Also, there might be some legittimate business that uses something like
> the FF techniques... but, uhm... how are the root servers involved again?
>
Small note: For regular fastflux, yes. for NS fastflux, not so much.
