On Tue, Apr 14, 2015 at 10:23:26AM +0200, Stephane Bortzmeyer wrote: > https://www.us-cert.gov/ncas/alerts/TA15-103A > http://haxpo.nl/haxpo2015ams/sessions/all-your-hostnames-are-belong-to-us/
this latest wave started on golem.de <http://www.golem.de/news/dns-axfr-nameserver-verraten-geheim-urls-1504-113278.html> and Heise around, well, April, 1st. While repeatedly gathering data about the prevalence and maintaining awareness can be considered a good thing, the level of substance in advisories and articles is likely to raise concerns. Without any details regarding the number of servers affected (as opposed to number of domains) and the reasons behind it - deliberation, negligence, defaults - as well as the structure of those domains(*) I fail to see why an "alert" level might have been reached. I'd also expect "split DNS" in whatever exact nomenclature to appear on the mitigation path. (*) Millions of zones out there provide little more than MX, A, and - hopefully - AAAA for "www" and the apex. -Peter _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
