Re: [dns-wg] EU: DNS abuse study
173 + 99 odd But the entire thing is based around a truly horrendously broad “definition” of “DNS abuse” thus rendering the entire thing pointless -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ --- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: dns-wg on behalf of Hank Nussbacher Date: Tuesday, 1 February 2022 at 08:33 To: dns-wg@ripe.net Subject: [dns-wg] EU: DNS abuse study [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. The EU has published is 173 page opus on DNS abuse: https://op.europa.eu/en/publication-detail/-/publication/7d16c267-7f1f-11ec-8c40-01aa75ed71a1/language-en/ -Hank -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/dns-wg
Re: [dns-wg] EU: DNS abuse study
Thanks, Hank, for having spotted this! Best, -C. On 01.02.2022 09:32, Hank Nussbacher wrote: The EU has published is 173 page opus on DNS abuse: https://op.europa.eu/en/publication-detail/-/publication/7d16c267-7f1f-11ec-8c40-01aa75ed71a1/language-en/ -Hank -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/dns-wg
Re: [dns-wg] EU: DNS abuse study
Petr Špaček wrote: > g) Hosting providers with disproportionate concentrations of spam domains > reach 3,000 abused domains per 10,000 registered domain names (Appendix 1 – > Technical Report, Section 12.3, pp. 48-49). So, where there is smoke, there is probably fire. It seems like a law enforcement response, even if only a warning, is called for. Can C* suite people be charged in some way for negligence? -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/dns-wg
Re: [dns-wg] EU: DNS abuse study
On 01. 02. 22 9:32, Hank Nussbacher wrote: The EU has published is 173 page opus on DNS abuse: https://op.europa.eu/en/publication-detail/-/publication/7d16c267-7f1f-11ec-8c40-01aa75ed71a1/language-en/ I have had a peak when waiting for other things to happen and it might be interesting read. Here is a gist from chapter Executive summary: The study adopts the following definition of DNS abuse: Domain Name System (DNS) abuse is any activity that makes use of domain names or the DNS protocol to carry out harmful or illegal activity. The main findings of the measurements are: a) In relative terms, new generic Top-Level Domains (new gTLDs), with an estimated market share of 6.6%, are the most abused group of TLDs (Appendix 1 – Technical Report, Section 5, p. 26). b) Not all new gTLDs suffer from DNS abuse to the same extent. The two most abused new gTLDs combined account for 41% of all abused new gTLD names (Appendix 1 – Technical Report, Section 9.2, p. 32). c) European Union country code TLDs (EU ccTLDs) are by far the least abused in absolute terms and relative to their overall market share (Appendix 1 – Technical Report, Section 5, p. 26). d) The vast majority of spam and botnet command-and-control domain names are maliciously registered (Appendix 1 – Technical Report, Section 10.3, p. 41). e) About 25% of phishing domain names and 41% of malware distribution domain names are presumably registered by legitimate users, but compromised at the hosting level (Appendix 1 – Technical Report, Section 10.3, p. 41). f) The top five most abused registrars account for 48% of all maliciously registered domain names (Appendix 1 – Technical Report, Section 11.2, pp. 43-44). g) Hosting providers with disproportionate concentrations of spam domains reach 3,000 abused domains per 10,000 registered domain names (Appendix 1 – Technical Report, Section 12.3, pp. 48-49). h) The overall level of DNS security extensions (DNSSEC) adoption remains low. (Appendix 1 – Technical Report, Section 15.3, pp. 62-63). i) There are 2.5 million open DNS resolvers worldwide that can be effectively used as amplifiers in distributed denial-of-service attacks (Appendix 1 – Technical Report, Section 16.4, p. 70). The numbers above sound interesting. -- Petr Špaček -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/dns-wg
[dns-wg] EU: DNS abuse study
The EU has published is 173 page opus on DNS abuse: https://op.europa.eu/en/publication-detail/-/publication/7d16c267-7f1f-11ec-8c40-01aa75ed71a1/language-en/ -Hank -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/dns-wg
