Sitefinder and DDoS

• Previous message (by thread): Sitefinder and DDoS
• Next message (by thread): Sitefinder and DDoS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Let's assume for a moment that Verisign's wildcards and Sitefinder go 
back into operation.

Let's also assume someone sets up a popular webpage with malware HTML 
causing it, perhaps with a time delay, to issue rapid GETs to 
deliberately nonexistent domains.

What would be the effect on overall Internet traffic patterns if 
there were one Sitefinder site?  (flashback to ARPANET node 
announcing it had zero cost to any route)

How many Sitefinder nodes would we need to avoid massive single-point 
congestion?

AFAIK, the issues of distribution of Sitefinder, and even a formal 
content distribution network, were not discussed. I asked some 
general questions that touched on this at the ICANN ISSC committee 
meeting, but I think they were interpreted as directed toward the 
reliability of the Sitefinder service in operation, rather than 
potential vulnerabilities it might create.

I am NOT suggesting this simply as an argument against Sitefinder, 
and I'd like to see engineering analysis of how this vulnerability 
could be prevented.

• Previous message (by thread): Sitefinder and DDoS
• Next message (by thread): Sitefinder and DDoS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]