On Sun, 22 Jul 2007, Steven M. Bellovin wrote:
>
> Yes, they can change it, but they can't change it without being caught.
also assuming your application understands a non-signed vs signed
response... no apps currently do, aside from the Firefox plugin supported
(I think) by Sparta still?
* Sean Donelan:
> On Sun, 22 Jul 2007, William Allen Simpson wrote:
>> Comcast still blocks port 25. And last week, a locally well-known person
>> was blocked from sending outgoing port 25 email to their servers from her
>> home Comcast service.
>
> MSA port 587 is only 9 years old. I guess it
> >I'm still unsure that this is either a good idea or a bad idea...
> >changing the DNS can only help until the bots start connecting directly to
> >IP addresses. Then where do we go? NAT those connections to elsewhere? It's
> >one of those lovely arms races where things just get more and mor
Sean Donelan wrote:
On Sun, 22 Jul 2007, Raymond L. Corbin wrote:
I agree. They are at least trying to clean up their network. If they are
having a lot of problems with zombie bots that DDoS / Spam then this is
a good way to stop it, for now. The small group of users can either use
other names
On Sun, 22 Jul 2007, Raymond L. Corbin wrote:
I agree. They are at least trying to clean up their network. If they are
having a lot of problems with zombie bots that DDoS / Spam then this is
a good way to stop it, for now. The small group of users can either use
other nameservers or something li
Several people have emailed me privately to disagree with my statement
about DNSSEC, on various grounds. I stand by my statement, but I am
making a fair number of assumptions, some perhaps invalid. Let me be
less terse.
I'm assuming fairly universal deployment. In other words, the root
zone is s
>I'm still unsure that this is either a good idea or a bad idea...
>changing the DNS can only help until the bots start connecting directly to
>IP addresses. Then where do we go? NAT those connections to elsewhere? It's
>one of those lovely arms races where things just get more and more
>invasiv
DNSSEC provides source authenticity and data integrity. You may get a bogus
answer, but with DNSSEC in place at least you have a way of verifying the
bogosity (is that a word?) of the reply.
I agree with Steve, DNSSEC won't stop these tricks but it makes them
detectable.
I'm a Cox user at home
Is there any indication that they've done anything other than make
themselves authoritative for those DNS names and simply sent you to
their IRC server instead? If so, what they have done is pretty much
legal (mostly because I'm quite sure there is something in their ToS
which you implicitly acc
Quoting Sean Donelan <[EMAIL PROTECTED]>:
On Sun, 22 Jul 2007, William Allen Simpson wrote:
Comcast still blocks port 25. And last week, a locally well-known person
was blocked from sending outgoing port 25 email to their servers from her
home Comcast service.
MSA port 587 is only 9 years ol
Sean Donelan wrote:
Since neither Apple, Cisco nor Duke seems willing to say exactly what
the problem was or what they fixed; not very surprising; it was
probably a "Duh" problem unique to Duke's network.
Sean, Nanogers:
Thank you, for your responses.
Given the world of NDAs and other legal
On Sun, 22 Jul 2007 21:40:05 -0400
"Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
>
> On Jul 22, 2007, at 9:29 PM, Steven M. Bellovin wrote:
> > On Sun, 22 Jul 2007 14:56:13 -0700
> > "Andrew Matthews" <[EMAIL PROTECTED]> wrote:
> >
> >> It looks like cox is hijacking dns for irc servers.
> >>
On Jul 22, 2007, at 9:29 PM, Steven M. Bellovin wrote:
On Sun, 22 Jul 2007 14:56:13 -0700
"Andrew Matthews" <[EMAIL PROTECTED]> wrote:
It looks like cox is hijacking dns for irc servers.
And people wonder why I support DNSsec
Steve,
One of us is confused. It might be me, but right no
On Sun, 22 Jul 2007 14:56:13 -0700
"Andrew Matthews" <[EMAIL PROTECTED]> wrote:
>
> It looks like cox is hijacking dns for irc servers.
>
>
>
And people wonder why I support DNSsec
--Steve Bellovin, http://www.cs.columbia.edu/~smb
On Sun, 22 Jul 2007, William Allen Simpson wrote:
Comcast still blocks port 25. And last week, a locally well-known person
was blocked from sending outgoing port 25 email to their servers from her
home Comcast service.
MSA port 587 is only 9 years old. I guess it takes some people longer
th
Hi!
Agreed. If you're savvy enough to have a problem because of this, you're
savvy enough to a) Use another set of DNS servers or b) Use your own local
resolver.
Oh. And when they implement Plan B (inspecting each DNS packet for
IRC.* and substituting their own answer as a reply), then what?
Brandon Galbraith wrote:
On 7/22/07, *Sean Donelan* wrote:
DNS is just another application protocol that runs over IP. You don't
have to use those DNS servers to resolve names.
Possibly, you do (based on experience).
Agreed. If you're savvy enough to have a problem because of this,
Brandon Galbraith wrote (on Sun, Jul 22, 2007 at 06:28:55PM -0500):
> Agreed. If you're savvy enough to have a problem because of this, you're
> savvy enough to a) Use another set of DNS servers or b) Use your own local
> resolver.
>
> -brandon
Oh. And when they implement Plan B (inspecting each
> On Sun, Jul 22, 2007 at 02:56:13PM -0700, Andrew Matthews wrote:
> >
> > It looks like cox is hijacking dns for irc servers.
>
> > isn't there a law against hijacking dns? What can I do to pursue this?
>
> no, it's their network and they play by their rules.. the law would
> prevent them fro
On 7/22/07, Sean Donelan <[EMAIL PROTECTED]> wrote:
On Sun, 22 Jul 2007, Andrew Matthews wrote:
> isn't there a law against hijacking dns? What can I do to pursue this?
DNS is just another application protocol that runs over IP. You don't
have to use those DNS servers to resolve names.
Agr
* [EMAIL PROTECTED] (Stephen Wilcox) [Mon 23 Jul 2007, 01:21 CEST]:
On Sun, Jul 22, 2007 at 02:56:13PM -0700, Andrew Matthews wrote:
It looks like cox is hijacking dns for irc servers.
isn't there a law against hijacking dns? What can I do to pursue this?
no, it's their network and they play
On Sun, Jul 22, 2007 at 02:56:13PM -0700, Andrew Matthews wrote:
>
> It looks like cox is hijacking dns for irc servers.
> isn't there a law against hijacking dns? What can I do to pursue this?
no, it's their network and they play by their rules.. the law would prevent them
from inserting data
On Sun, 22 Jul 2007, Andrew Matthews wrote:
isn't there a law against hijacking dns? What can I do to pursue this?
DNS is just another application protocol that runs over IP. You don't
have to use those DNS servers to resolve names.
Hey
Well I suppose that would get rid of some of the script kiddies bots off of
their network...
http://www.dslreports.com/forum/remark,12922412
http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/55016
Though...I cannot think of another means to achieve their goal. However I
wonde
It looks like cox is hijacking dns for irc servers.
bash2-2.05b$ nslookup
server 68.6.16.30
Default server: 68.6.16.30
Address: 68.6.16.30#53
irc.vel.net
Server: 68.6.16.30
Address:68.6.16.30#53
Name: irc.vel.net
Address: 70.168.71.144
server ns1.vel.net
Default ser
On Jul 21, 2007, at 8:52 PM, Bill Woodcock wrote:
Cisco, Duke has now come to see the elimination of the problem,
see:
"Duke Resolves iPhone, Wi-Fi Outage Problems" at
http://www.eweek.com/article2/0,1895,2161065,00.asp
it's an ARP storm, or something similar,
when the iPhone roams onto