[96723] in North American Network Operators' Group
Re: Interesting new dns failures
daemon@ATHENA.MIT.EDU (Gadi Evron)
Tue May 22 17:22:32 2007
Date: Tue, 22 May 2007 16:16:18 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: David Ulevitch <davidu@everydns.net>
Cc: "Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
nanog@merit.edu
In-Reply-To: <46535C9C.5060303@everydns.net>
Errors-To: owner-nanog@merit.edu
On Tue, 22 May 2007, David Ulevitch wrote:
>
<snip>
> These questions, and more (but I'm biased to DNS), can be solved at the
> edge for those who want them. It's decentralized there. It's done the
> right way there. It's also doable in a safe and fail-open kind of way.
>
> This is what I'm talking about.
Agreed.
> > After all, nobody's security being affected by the edge of some end-user
> > machine on the other side of the world is irrelevant to my edge
> > security. FUSSP.
> >
> > DNS abuse is mostly not an edge issue.
>
> I disagree. DNS is the enabler for many many issues which are edge
> issues. (Botnets, spam, etc)
There you did it, you said the B word. Now all the off-topic screamers
will flame. :)
Botnets, spam, etc. are symptoms, and DNS is abused to help them
along. DNS abuse, i.e. abuse of DNS, is a DNS issue.
David, we agree - just talking of similar issues which are.. different.
Gadi.
