> I don't think it matters what we do, check this out:
> http://www.infoworld.com/article/03/03/26/HNjazeera_1.html

They can down one server pretty easily. They can't down a hundred
servers so swiftly.

Besides, if the problem is in DNS, we can employ the hosts file and set up
the DNS record there; the inverse approach works neatly for blocking ads.
In unixes, the file is /etc/hosts (or setting up a dedicated resolver[1]),
in Windows it is (I think) c:\windows\hosts or c:\winnt\hosts (not sure).

> This really is infowar, and I suspect the US government is the hacker.

Infowar? Aren't at least some of us the right kind of warriors?
Isn't the adversary worthy of some nicely challenging fight? :)


[1] A combination of dnscache and tinydns (from the djbdns package) which I
am using as the resolver for my company LAN allowed neat workarounds
against DNS lookups failing in the days of the Sapphire Worm attack; set
the resolver for a given domain to 127.0.0.1 (where the tinydns is), then
tell the tinydns that the given domain name has a given IP address. No
reason why it shouldn't work now as well. Also, the people with unix
machines exposed to the world could serve as ad-hoc public, semi-public,
or community DNS resolvers, too many of too meaningless targets to worry
about (...and dnscache is much more bulletproof than BIND, the infamous
Buggy Internet Name Daemon). Together with semi-public or community
mirrors, fed from an ad-hoc mailing list[2] feed of updates (possibly
GPG-signed, to avoid false data injected by the Adversaries), this could
give us some time of uninterfered data feed.

[2] The mailing list servers will be a weak point of this structure.
However, this structure can be distributed as well, or have a list of
alternate servers to switch to when the current ones get under attack.
The adversary should become aware of the list only by the data being
already sent out, which is the time to switch to another server; a
round-robin scheme can be used for switching them, or a random sequence.

The key for success lies in the distribution. Too many of too meaningless
targets. The Adversary has the equivalent of a high-caliber gun and a lot
of armor-penetrating ammo. This is useful against a tank squad or a
fortress, but worthless against an army of ants.
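
The resolver override from footnote [1], as an added example that is not part of the original message: a shell function that points dnscache at a local tinydns for one domain and pins one host to a known address. The /service paths (the usual djbdns layout), the ROOT prefix, the 300-second TTL and the function names are assumptions, not taken from the message.

```shell
#!/bin/sh
# Pin one name to a known-good address using dnscache + tinydns (djbdns).
# Assumed layout (usual djbdns install; the message does not give paths):
#   $ROOT/service/dnscache/root/servers/<domain>  upstream servers per domain
#   $ROOT/service/tinydns/root/data               tinydns source data
# ROOT is a hypothetical prefix so the function can be tried in a scratch dir.

valid_name() {   # letters, digits, hyphens, dots; nothing usable as a path
    case $1 in
        ''|.*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
}

valid_ipv4() {
    old_ifs=$IFS; IFS=.; set -f
    set -- $1
    set +f; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

pin_domain() {   # usage: pin_domain ROOT DOMAIN HOST IPV4
    root=$1 domain=$2 host=$3 ip=$4
    valid_name "$domain" && valid_name "$host" && valid_ipv4 "$ip" ||
        { echo "pin_domain: invalid name or address" >&2; return 1; }
    case $host in
        "$domain"|*."$domain") ;;
        *) echo "pin_domain: $host is outside $domain" >&2; return 1 ;;
    esac
    servers=$root/service/dnscache/root/servers
    data=$root/service/tinydns/root/data
    mkdir -p "$servers" "${data%/*}" && touch "$data" || return 1
    # 1. dnscache: send every query under DOMAIN to the local tinydns.
    echo 127.0.0.1 > "$servers/$domain" || return 1
    # 2. tinydns: drop earlier pins for these names, then add a "." line
    #    (authority for DOMAIN) and a "+" line (A record, TTL 300 seconds).
    tmp=$data.tmp.$$
    awk -v d=".$domain:" -v h="+$host:" \
        'index($0, d) != 1 && index($0, h) != 1' "$data" > "$tmp" || return 1
    printf '%s\n' ".$domain:127.0.0.1:a:300" "+$host:$ip:300" >> "$tmp"
    mv "$tmp" "$data"
    # 3. On a live system, rebuild data.cdb (make in the tinydns root) and
    #    restart dnscache (svc -t /service/dnscache) to load the override.
}
```

The domain is used as a file name under root/servers, so names arriving from an update feed are validated before anything is written.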
