--- [EMAIL PROTECTED] wrote:
From: "Suresh Ramasubramanian" <[EMAIL PROTECTED]>
On 5/26/07, Scott Weeks <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > the bits of governments that deal with online crime, spam, etc.,
> > I can report that pretty much all of the cou
On 5/26/07, Scott Weeks <[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] wrote:
> the bits of governments that deal with online crime, spam, etc.,
> I can report that pretty much all of the countries that matter
> realize there's a problem, and a lot of them have passed or will
>
On Sat, 26 May 2007, Will Hargrave wrote:
>
> Joe Provo wrote:
>
> > An obvious catalyst was commercialization of domains. Which
> > interestingly enough leads us back to the lack of categories and
> > naming morass in which we live. I find it quite humourous that
> > new 'restrictive membersh
On Fri, 25 May 2007 [EMAIL PROTECTED] wrote:
> On Fri, 25 May 2007 20:31:59 -, "Chris L. Morrow" said:
>
> > cameroon outsourced their dns infrastructure management to someone, that
> > contract includes a "we can answer X for all queries that would return
> > NXDOMAIN'" ... that's not 'asl
Joe Provo wrote:
> An obvious catalyst was commercialization of domains. Which
> interestingly enough leads us back to the lack of categories and
> naming morass in which we live. I find it quite humourous that
> new 'restrictive membership' branches of the tree are now being
> proposed as a
On Fri, 25 May 2007 20:31:59 -, "Chris L. Morrow" said:
> cameroon outsourced their dns infrastructure management to someone, that
> contract includes a "we can answer X for all queries that would return
> NXDOMAIN'" ... that's not 'asleep at the wheel'
As I said, "asleep at the wheel or wor
On Fri, 25 May 2007 [EMAIL PROTECTED] wrote:
> On Fri, 25 May 2007 12:08:44 PDT, Scott Weeks said:
> > [EMAIL PROTECTED] wrote:
> > > the bits of governments that deal with online crime, spam, etc.,
> > > I can report that pretty much all of the countries that matter
> > > r
On Fri, 25 May 2007 12:08:44 PDT, Scott Weeks said:
> [EMAIL PROTECTED] wrote:
> > the bits of governments that deal with online crime, spam, etc.,
> > I can report that pretty much all of the countries that matter
> > realize there's a problem, and a lot of them have passed o
[EMAIL PROTECTED] wrote:
> the bits of governments that deal with online crime, spam, etc.,
> I can report that pretty much all of the countries that matter
> realize there's a problem, and a lot of them have passed or will
> pass laws whether we like it or not. So it b
On Friday 25 May 2007 15:40, you wrote:
>
> It's too late to put the genie back in the bottle. The only way to
> change the policy before the contract term ends is to either move ICANN
> out of US jurisdiction (to brake contract terms) or to organise a
> grass-root uprising to replace ICANNs root
On Thu, 2007-05-24 at 17:46 +, Chris L. Morrow wrote:
> which brings us back to my original comment: "we need a policy most likely
> from ICANN that requires some action based on proper documentation and
> evidence or wrong-doing/malfeasance. That policy needs to dictate some
> monetary penalt
On 5/25/07, John LaCour <[EMAIL PROTECTED]> wrote:
If you're an network operator and you'd consider null routing IPs
associated with nameservers used only by phishers, please let me know
and we'll be happy to provide the appropriate evidence.
Half of them are on fastflux so nullroutes wouldnt
On 5/24/07, Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote:
On 5/24/07, David Ulevitch <[EMAIL PROTECTED]> wrote:
> Again, good idea, but doesn't belong in the core. If I register a
> domain, it should be live immediately, not after some 5 day waiting
> period. On the same token, if you wa
>which brings us back to my original comment: "we need a policy most likely
>from ICANN that requires some action based on proper documentation and
>evidence or wrong-doing/malfeasance. That policy needs to dictate some
>monetary penalties for non-compliance."
Ha ha ha ha ha ha ha ha ha.
Anyone
On Thu, 24 May 2007, Chris L. Morrow wrote:
which brings us back to my original comment: "we need a policy most likely
from ICANN that requires some action based on proper documentation and
evidence or wrong-doing/malfeasance.
Agreed, and I'd love to help define the draft rfc/policy, but is th
On Thu, 24 May 2007, Fergie wrote:
> Well, registrars have to be accredited by ICANN, right?>
> This is a policy enforcement issue, methinks.
which brings us back to my original comment: "we need a policy most likely
from ICANN that requires some action based on proper documentation and
eviden
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Kradorex Xeron <[EMAIL PROTECTED]> wrote:
>On Thursday 24 May 2007 03:13, Suresh Ramasubramanian wrote:
>
>> Some of them do. Others dont know (several in asia) or are aware and
>> dont care - theres some in russia, some stateside that mostly
On May 24, 2007, at 6:14 AM, Chris L. Morrow wrote:
On Thu, 24 May 2007, Kradorex Xeron wrote:
Very true - If this is going to work, it's goign to have to be on
a global
scale, Not just one country of registrars can be made to correct
the problem
as people who maliciously register dom
On Thu, 24 May 2007, Kradorex Xeron wrote:
>
> Very true - If this is going to work, it's goign to have to be on a global
> scale, Not just one country of registrars can be made to correct the problem
> as people who maliciously register domains will just do what the spyware
> companies do, go t
On 5/24/07, Per Heldal <[EMAIL PROTECTED]> wrote:
It should be the registries responsibility to keep their registrars in
line. If they fail to do so their delegation should be transferred
elsewhere.
Of course, to impose decent rules you'd need a root-operator whose
Moving right back to where
On Thu, 2007-05-24 at 12:43 +0530, Suresh Ramasubramanian wrote:
> Well then - all you need is to have some way to convince registrars
> take down scammer domains fast.
It should be the registries responsibility to keep their registrars in
line. If they fail to do so their delegation should be tr
On Thursday 24 May 2007 03:13, Suresh Ramasubramanian wrote:
> On 5/24/07, David Ulevitch <[EMAIL PROTECTED]> wrote:
> > Again, good idea, but doesn't belong in the core. If I register a
> > domain, it should be live immediately, not after some 5 day waiting
> > period. On the same token, if you
On 5/24/07, David Ulevitch <[EMAIL PROTECTED]> wrote:
Again, good idea, but doesn't belong in the core. If I register a
domain, it should be live immediately, not after some 5 day waiting
period. On the same token, if you want to track new domains and not
accept any email from me until my dom
Douglas Otis wrote:
On May 22, 2007, at 2:16 PM, Gadi Evron wrote:
On Tue, 22 May 2007, David Ulevitch wrote:
These questions, and more (but I'm biased to DNS), can be solved at
the edge for those who want them. It's decentralized there. It's
done the right way there. It's also doable in
On May 22, 2007, at 2:16 PM, Gadi Evron wrote:
On Tue, 22 May 2007, David Ulevitch wrote:
These questions, and more (but I'm biased to DNS), can be solved
at the edge for those who want them. It's decentralized there.
It's done the right way there. It's also doable in a safe and
fail-
On Tue, 22 May 2007, David Ulevitch wrote:
Putting that aside, what do you think nobody should try at
the edge?
People should try putting the intelligence that we have into software and
hardware. Why can't we put Gadi into an edge device?
Um, where you gonna find a 48U chassis? :-)
-Hank
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Chris L. Morrow" <[EMAIL PROTECTED]> wrote:
>Sure work on an expedited removal process inside a real procedure from
>ICANN down to the registry. Work on a metric and monetary system used to
>punish/disincent registrys from allowing their system
On Tue, 22 May 2007, Roger Marquis wrote:
>
> > Why are people trying to solve these problems in the core?
>
> Because that's the only place it can be done.
it is A PLACE, not necessarily THE PLACE. With every decision as to where
there are tradeoffs, be prepared to accept/defend them.
>
> >
On Tue, 22 May 2007, David Ulevitch wrote:
>
> Fergie wrote:
>
> > David,
> >
> > As you (and some others) may be aware, that's an approach that we
> > (Trend Micro) took a while back, but we got a lot (that's an
> > understatement) of push-back from service providers, specifically,
> > because
On Wed, 23 May 2007 01:32:41 BST, [EMAIL PROTECTED] said:
> Anyone remember the Internet Scout? Even back then labors of love like
> John December's list were more useful than the Internic services.
That worked well for 14,000 .coms. It doesn't work for 140,000,000 .coms.
> Does everybody on thi
> The directory that was contracted
> and 'supposed to' exist as part of the NNSC-to-InterNIC dance
> was to be built by old-ATT Labs. As far as I can recall, it
> was ever only an ftp repository and not much of a 'directory
> and database service' (corrections welcome).
Anyone remember the
On Mon, May 21, 2007 at 03:08:06PM +, Chris L. Morrow wrote:
[snip]
> This is sort of the point of the NRIC document/book... 'we need to
> find/make/use a directory system for the internet' then much talk of how
> "dns was supposed to be that but for a number of reasons it's not,
> google/ is
Roger Marquis wrote:
Simply
saying it is dangerous is indistinguishable from any other verisign
astroturfing.
It's not everyday that you get accused of astroturfing for Verisign.
I'm printing this, framing it, putting it on my wall, and leaving this
thread.
Thanks!
-David
Fergie wrote:
David,
As you (and some others) may be aware, that's an approach that we
(Trend Micro) took a while back, but we got a lot (that's an
understatement) of push-back from service providers, specifically,
because they're not very inclined to change out their infrastructure
(in this c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- David Ulevitch <[EMAIL PROTECTED]> wrote:
>But very few people (okay, not nobody) are saying, "Hey, why should I
allow that compromised windows box that has never sent me an MX request
before all of the sudden be able to request 10,000 MX reco
On Tue, 22 May 2007, David Ulevitch wrote:
>
> These questions, and more (but I'm biased to DNS), can be solved at the
> edge for those who want them. It's decentralized there. It's done the
> right way there. It's also doable in a safe and fail-open kind of way.
>
> This is what I'm tal
Gadi Evron wrote:
People are suggesting it become the rule because nobody is trying
anything else.
I was with you up to this sentence. Obviously avoiding the core is key,
but should we not have the capability of preventing abuse in the core
rather than mitigating it there? Allowing NS changes
Why are people trying to solve these problems in the core?
Because that's the only place it can be done.
These issues need to and must be solved at the edge.
Been there, done that, with smtp/spam, netbios, and any number of
other protocols that would also be ideally addressed at the source
On Tue, 22 May 2007, David Ulevitch wrote:
> Gadi Evron wrote:
> > On Mon, 21 May 2007, Chris L. Morrow wrote:
> >> ok, so 'today' you can't think of a reason (nor can I really easily) but
> >> it's not clear that this may remain the case tomorrow. It's possible that
> >> as a way to 'better loads
On 22 May 2007, Paul Vixie wrote:
>
> apropos of this...
>
> > >>As to NS fastflux, I think you are right. But it may also be an issue of
> > >>policy. Is there a reason today to allow any domain to change NSs
> > >>constantly?
>
> ...i just now saw the following on comp.protocols.dns.bind ("bi
Gadi Evron wrote:
On Mon, 21 May 2007, Chris L. Morrow wrote:
ok, so 'today' you can't think of a reason (nor can I really easily) but
it's not clear that this may remain the case tomorrow. It's possible that
as a way to 'better loadshare' traffic akamai (just to make an example)
could start do
apropos of this...
> >>As to NS fastflux, I think you are right. But it may also be an issue of
> >>policy. Is there a reason today to allow any domain to change NSs
> >>constantly?
...i just now saw the following on comp.protocols.dns.bind ("bind-users@"):
+---
| From: "Wiley Sanders" <[EMAIL
>>> On 5/21/2007 at 2:09 PM, Edward Lewis <[EMAIL PROTECTED]> wrote:
> At 3:50 PM -0500 5/21/07, Gadi Evron wrote:
>
>>As to NS fastflux, I think you are right. But it may also be an issue
of
>>policy. Is there a reason today to allow any domain to change NSs
>>constantly?
>
> Although I rarely
On 5/21/07, Chris L. Morrow <[EMAIL PROTECTED]> wrote:
So, I think that what we (security folks) want is probably not to
auto-squish domains in the TLD because of NS's moving about at some rate
other than 'normal' but to be able to ask for a quick takedown of said
domain, yes? I don't think we
On Mon, May 21, 2007 11:02 pm, Steve Gibbard wrote:
> Is the above situation any different from the decision of whether to use
> locally-expected ccTLDs for local content, or to use the "international"
> .com for everything?
Ah, assuming local content, no. I was coming more from the 'must prote
On Mon, 21 May 2007, Tim Franklin wrote:
The case that gets a bit murky for me is genuinely multi-national entities.
In *theory* that ought to be what .com is for, but registering yourcompany.cc
for every country where you have an operating entity looks sort of legit.
Why only sort of?
To a
On Mon, 21 May 2007, Chris L. Morrow wrote:
> On Mon, 21 May 2007, Gadi Evron wrote:
>
> > As to NS fastflux, I think you are right. But it may also be an issue of
> > policy. Is there a reason today to allow any domain to change NSs
> > constantly?
>
> well, so it's not explicitly denied in the
On Mon, 21 May 2007, Gadi Evron wrote:
> As to NS fastflux, I think you are right. But it may also be an issue of
> policy. Is there a reason today to allow any domain to change NSs
> constantly?
well, so it's not explicitly denied in the current operations policy
things, so people may depend
Stewart Honsberger wrote:
Which is why new TLDs like .xxx et al. are redundant. I can see that
becoming a haven for vanity domains.
It gets worse.
In a previous life, I had the job of de-bunking^Wevaluating whichever
bunch of alt-root snake-oil salesmen had managed to get an audience with
At 3:50 PM -0500 5/21/07, Gadi Evron wrote:
As to NS fastflux, I think you are right. But it may also be an issue of
policy. Is there a reason today to allow any domain to change NSs
constantly?
Although I rarely find analogies useful when trying to explain
something, I want to use one now t
Jay R. Ashworth wrote:
Such is not my experience, and I strongly advise people against such
stupidity.
Oh, I'd absolutely advise against it - but the branding people and the
lawyers typically think otherwise.
The case that gets a bit murky for me is genuinely multi-national
entities. In
On Mon, 21 May 2007, Chris L. Morrow wrote:
> ok, so 'today' you can't think of a reason (nor can I really easily) but
> it's not clear that this may remain the case tomorrow. It's possible that
> as a way to 'better loadshare' traffic akamai (just to make an example)
> could start doing this as w
On Mon, 21 May 2007 11:54:36 PDT, Roger Marquis said:
> Are there sites that accept mail from domains without a valid MX/A
> record?
Depends what you call "valid". A lot of sites get *real* confused when they
find out that the MX for foo.com is where foo.com's *inbound* mail servers
live, and th
On Mon, 21 May 2007, Stephane Bortzmeyer wrote:
I cannot believe that people in NANOG may confuse the ".com"
name servers with the root name servers.
Not to confuse the issue but among some managerial circles the "root"
nameservers comprise both root and tld.
Point taken though, root and tld
On Mon, May 21, 2007 at 06:57:06PM +0100,
Simon Waters <[EMAIL PROTECTED]> wrote
a message of 53 lines which said:
> PS: Those who make sarcastic comments about people not knowing the
> difference between root servers, and authoritative servers, may need
> to be a tad more explicit for the hel
> In general it is impossible when deleting a zone to know the
> full consequences of that action unless you are that zones
> DNS administrator, and even then you need to ask any
> administrators of delegated domains.
Not just deleting.
> So those who think deleting zones is a way to fix thi
On Mon, 21 May 2007, Jason Frisvold wrote:
They're likely not name servers, or at least not all name
servers.. I'd venture a guess as to these being part of a
"Snowshoe" spammer network... I've been getting hit by similar
domains for a few weeks now.. Blocking seems to be the best way
to handle
On Mon, 21 May 2007, Roger Marquis wrote:
>
> Except that there's a lot more to this pattern than simply changing NS
> at a rate other than normal, enough that it can be easily identified
> for what it is.
I'm not in the mood to argue, but 'do tell'. Perhaps someone from ICANN
will implement th
On Mon, 21 May 2007, Chris L. Morrow wrote:
ok, so 'today' you can't think of a reason (nor can I really easily) but
it's not clear that this may remain the case tomorrow.
Not a good justification for doing nothing while this sort of trojan
propagates. As analogy, it is also true we cannot se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Chris L. Morrow" <[EMAIL PROTECTED]> wrote:
>>
>> While I agree with you, there are many of us who know that these
>> fast-flux hosts are malicious due to malware & malicious traffic
>> analysis...
>
>Oh, so we switched from 'the domain is bad
On Mon, 21 May 2007, Fergie wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> - -- "Chris L. Morrow" <[EMAIL PROTECTED]> wrote:
>
> >So, I think that what we (security folks) want is probably not to
> >auto-squish domains in the TLD because of NS's moving about at some rate
> >other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Chris L. Morrow" <[EMAIL PROTECTED]> wrote:
>So, I think that what we (security folks) want is probably not to
>auto-squish domains in the TLD because of NS's moving about at some rate
>other than 'normal' but to be able to ask for a quick take
On Monday 21 May 2007 14:43, you wrote:
>
> I'll bet a large pizza that 90% or more could be relocated to a more
> appropriate location in the DNS tree, and nobody except the domain holder
> and less than a dozen other people will notice/care in the slightest.
More like 99% I suspect, but we've n
On 5/20/07, Roger Marquis <[EMAIL PROTECTED]> wrote:
Most of the individual nameservers do not answer queries, the ones
that do are open to recursion, and all are hosted in cable/dsl/dial-up
address space with correspondingly rfc-illegal reverse zones. Running
'host -at ns' a few times shows th
On Mon, 21 May 2007, Gadi Evron wrote:
> On Mon, 21 May 2007, Chris L. Morrow wrote:
> > On Mon, 21 May 2007, Gadi Evron wrote:
> > > Small note: For regular fastflux, yes. for NS fastflux, not so much.
> >
> > For regular FF 'yes' but for ns FF not much? Hrm, not much legit purpose?
> > or not
On Mon, 21 May 2007, Chris L. Morrow wrote:
>
>
>
> On Mon, 21 May 2007, Gadi Evron wrote:
>
> > On Mon, 21 May 2007, Chris L. Morrow wrote:
> > > the root servers are responsible how exactly for the fast-flux issues?
> > > Also, there might be some legittimate business that uses something lik
On Monday 21 May 2007 16:19, Tim Franklin wrote:
>
> > I wonder how the .de or .uk folks see things? Is the same true elsewhere?
>
> .co.uk generally seems to be understood by UK folks. .org.uk tends to
> cause a double-take. (The 'special' UK SLDs, like nhs.uk, are a maze of
> twisty turny thi
On 21-May-2007, at 10:26, Chris L. Morrow wrote:
I wonder how the .de or .uk folks see things? Is the same true
elsewhere?
I think the phenomenon of "that doesn't look right because it doesn't
end in .com" is peculiar to the US.
Elsewhere, you don't need a particularly large TLD zone to
On Mon, May 21, 2007 3:26 pm, Chris L. Morrow wrote:
> There's an interesting read from NRIC about this problem: "Signposts on
> the information superhighway" I think it's called. Essentially no one
> aside from propeller-head folks understand that there is something aside
> from 'com' :( take, f
On Mon, 21 May 2007, Gadi Evron wrote:
> On Mon, 21 May 2007, Chris L. Morrow wrote:
> > the root servers are responsible how exactly for the fast-flux issues?
> > Also, there might be some legittimate business that uses something like
> > the FF techniques... but, uhm... how are the root serve
On Mon, 21 May 2007 [EMAIL PROTECTED] wrote:
>
> > There's an interesting read from NRIC about this problem:
> > "Signposts on the information superhighway" I think it's
> > called. Essentially no one aside from propeller-head folks
> > understand that there is something aside from 'com'
>
> Se
On Mon, 21 May 2007 [EMAIL PROTECTED] wrote:
> On Mon, 21 May 2007 10:38:56 -, [EMAIL PROTECTED] said:
> > if you can get concensus to remove .com, i'm sure the roots would
> > be willing to help out.
>
> Whose bright idea *was* it to design a tree-hierarchical structure, and then
>
On Mon, 21 May 2007 10:38:56 -, [EMAIL PROTECTED] said:
> if you can get concensus to remove .com, i'm sure the roots would
> be willing to help out.
Whose bright idea *was* it to design a tree-hierarchical structure, and then
dump essentially all 140 million entries under the same
At 5:30 AM + 5/21/07, Fergie wrote:
>Why not? The Registrars seem sto being doing a great job of
>expediting the activation of new domains -- why can't they de-activate
>them just as quickly when they find out they are being used for
>malicious purposes?
>
>The "business interests" of the regi
On Mon, 21 May 2007, Stephane Bortzmeyer wrote:
>
> On Sun, May 20, 2007 at 09:25:37PM -0700,
> Roger Marquis <[EMAIL PROTECTED]> wrote
> a message of 15 lines which said:
>
> > >If not, have any root nameservers been hacked?
> >
> > To partly answer my own question, no.
>
> I cannot find t
On Mon, 21 May 2007, Chris L. Morrow wrote:
>
>
>
> On Sun, 20 May 2007, Roger Marquis wrote:
>
> > > If not, have any root nameservers been hacked?
> >
> > To partly answer my own question, no. The data returned by root
> > (gtld) nameservers is not changing rapidly. Thanks for the pointers
On Sun, 20 May 2007, Roger Marquis wrote:
>
> An odd pattern of DNS failures began appearing in the logs yesterday:
Fastflux.
Gadi.
On Sun, May 20, 2007 at 10:19:30PM -0700, Roger Marquis wrote:
>
> >>All the same, it would seem to be an easy and cheap abuse to address,
> >>at the gtlds. Why are these obvious trojans are being propagated by
> >>the root servers anyhow?
> >
> >the root servers are responsible how exactly for
In article <[EMAIL PROTECTED]> you write:
>
>On Sun, May 20, 2007 at 09:25:37PM -0700,
> Roger Marquis <[EMAIL PROTECTED]> wrote
> a message of 15 lines which said:
>
>> >If not, have any root nameservers been hacked?
>>
>> To partly answer my own question, no.
>
>I cannot find the original mess
On Sun, May 20, 2007 at 09:25:37PM -0700,
Roger Marquis <[EMAIL PROTECTED]> wrote
a message of 15 lines which said:
> >If not, have any root nameservers been hacked?
>
> To partly answer my own question, no.
I cannot find the original message in my mailbox. (Not on NANOG
mailing list archive
On Sun, 20 May 2007 22:19:30 PDT, Roger Marquis said:
> Nobody's saying that the root servers are responsible, only that they
> are the point at which these domains would have to be squelched. In
> theory registrars could do this, but some would have a financial
> incentive not to.
Some have a fin
On Sun, 20 May 2007, Roger Marquis wrote:
> >> All the same, it would seem to be an easy and cheap abuse to address,
> >> at the gtlds. Why are these obvious trojans are being propagated by
> >> the root servers anyhow?
> >
> > the root servers are responsible how exactly for the fast-flux iss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Roger Marquis <[EMAIL PROTECTED]> wrote:
>Nobody's saying that the root servers are responsible, only that they
>are the point at which these domains would have to be squelched. In
>theory registrars could do this, but some would have a financia
All the same, it would seem to be an easy and cheap abuse to address,
at the gtlds. Why are these obvious trojans are being propagated by
the root servers anyhow?
the root servers are responsible how exactly for the fast-flux issues?
Also, there might be some legittimate business that uses so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Roger Marquis <[EMAIL PROTECTED]> wrote:
>An odd pattern of DNS failures began appearing in the logs yesterday:
>
>May 20 15:05:19 PDT named[345]: wrong ans. name (uzmores.com !=
>ns5.uzmores.com)
>
Perhaps some fast-flux sticky cruft leftove
On Sun, 20 May 2007, Roger Marquis wrote:
> > If not, have any root nameservers been hacked?
>
> To partly answer my own question, no. The data returned by root
> (gtld) nameservers is not changing rapidly. Thanks for the pointers
> to "fast flux" too. Wasn't familiar with this attack or ter
If not, have any root nameservers been hacked?
To partly answer my own question, no. The data returned by root
(gtld) nameservers is not changing rapidly. Thanks for the pointers
to "fast flux" too. Wasn't familiar with this attack or terminology.
All the same, it would seem to be an easy
87 matches
Mail list logo
