On Sat, 31 Mar 2007, Jeff Shultz wrote:
Does that sound about right?
If ISPs cannot be forced into running a 24/7/365 response function, I
don't see the registry/registrars doing it.
Solving this at the DNS level is just silly, if you want to solve it it
either you get to the core (block
On Sun, 1 Apr 2007, Mikael Abrahamsson wrote:
net today that has made it into the raging success it is today. It's not
perfect, but it works, and it doesn't have a single point of failure.
You just lost my respect for the remainder of this thread. :)
... and people have very bad
On Sun, 1 Apr 2007, Mikael Abrahamsson wrote:
If ISPs cannot be forced into running a 24/7/365 response function,
I don't see the registry/registrars doing it.
Maybe if a body with the proper authority to penalize the ISP's were
in order this wouldn't be an issue. Look at BGP dampening and
You do realize this post is not about Microsoft or IE 0days, right?
I would prefer not to turn this into an OS flamefest, my only point is that
*this list* is not the proper venue to discuss this issue; nor the methods
that you suggest as a remedy, regardless of merit.
Again if the rest
[EMAIL PROTECTED] (Jeff Shultz) writes:
As I see it, the problem at hand is the current Windows 0day. What Gadi
is doing is concentrating on a tactic it is using to justify solving
what he sees as a more general problem (DNS abuse) that could be used by
an exploit to any operating system.
On Sun, 01 Apr 2007 13:08:14 EDT, Donald Stahl said:
*Please don't think for a second I want to see the scammers given carte
blanche to do what they want- or that we shouldn't try to stop them- but
pretending we can solve the problem of user stupidity through technology
is disingenuous and
the more general problem is hard to agree about. i think it's that every
day neustar and afilias and verisign and the other TLD registries handle
many millions of new-domain transactions, most of which will never be paid
for (domain tasting)
Right.
and most of which are being held with
There is a current on-going Internet emergency: a critical 0day
vulnerability currently exploited in the wild threatens numerous
desktop
systems which are being compromised and turned into bots,
I feel very strongly that this is just
yet-another-Windows-vulnerability.
If I wanted to read
On Sat, 31 Mar 2007, Patrick Giagnocavo wrote:
There is a current on-going Internet emergency: a critical 0day
vulnerability currently exploited in the wild threatens numerous
desktop
systems which are being compromised and turned into bots,
I feel very strongly that this is just
On Mar 31, 2007, at 8:57 PM, Gadi Evron wrote:
On Sat, 31 Mar 2007, Patrick Giagnocavo wrote:
If the list feels otherwise, and that it is of interest and within
nanog guidelines, then I acquiesce, respecting the greater wisdom of
the list.
You do realize this post is not about Microsoft
On Mar 31, 2007, at 11:57 PM, Gadi Evron wrote:
You do realize this post is not about Microsoft or IE 0days, right?
Your words made it clear that it was.
Generalizing from Windows 0day to coordinate shutdown of DNS for
evil domain in a timely fashion is just obfuscating that the only
On Sat, 31 Mar 2007, Steve Atkins wrote:
I'm prepared to concede, despite your previous history, that there
may well be an actual issue (as there are an awful lot of hideously ugly
corners with both DNS the protocol and domain reigsitration the
policy), but you're being incredibly bad at
Patrick Giagnocavo wrote:
On Mar 31, 2007, at 11:57 PM, Gadi Evron wrote:
You do realize this post is not about Microsoft or IE 0days, right?
Your words made it clear that it was.
Generalizing from Windows 0day to coordinate shutdown of DNS for
evil domain in a timely fashion is just
On Mar 31, 2007, at 11:16 PM, william(at)elan.net wrote:
But DNS here is just a tool, bad guys could
easily build quite complex system of control by using active HTTP
such as XML-RPC, they are just not that sophisticated (yet) or
maybe they don't need anything but simple list of pointers.
Jeff Shultz wrote:
We're looking at the alligators surrounding us. Gadi is trying to
convince us to help him in draining the swamp (which may indeed be a
positive thing in the long run).
Does that sound about right?
If you drain the swamp the hippo's will be very angry and run at you.
15 matches
Mail list logo
