monkeys.dom UPL being DDOSed to death
jlewis at lewis.org
jlewis at lewis.org
Tue Sep 23 22:12:11 UTC 2003
On Tue, 23 Sep 2003, Jason Slagle wrote:
> It's somewhat funny. Quite some time ago, us IRC server operators warned
> about this same thing, and were mostly just told to "not run IRC servers."
A private IRC server with one user isn't much fun.
> The anti-spammers will likely just get told to "not run DNSBL's." This
> only works up until the point that it's YOUR service thats getting hit and
> people tell you to stop running it.
A private DNSBL with one user works just fine.
If whoever is behind this succeeds in "driving all the DNSBLs off the net"
what they'll really do is drive them all underground. In the short term,
lots of networks will lose access to the public DNSBLs they've been using.
The spammers will rejoice, but that will only fuel the creation of
hundreds (maybe thousands) of new private DNSBLs. Necessity is the mother
of invention. Those with clue, will run their own. Alot of those without
will too. Some will likely even latch onto the "last snapshot" they got
before the DNSBLs they were syncing went offline/private. These will, of
course, get out of date and out of sync almost immediately.
Once you host a customer who turns out to be a spammer, good luck getting
those IPs removed from 10000 private DNSBLs. E-mail abuse management may
be the next field to really open up with job opportunities as networks
will have to contact a large portion of the internet to try to get IPs
cleared from everyone's private DNSBL...most of which will be poorly
documented if at all.
Just over 2 years ago, I posted a message titled "Affects of the
balkanization of mail blacklisting" about how ex-MAPS users were using
out-of-sync copies of the MAPS DUL after MAPS went commercial and those
networks presumably lost access to the data. I guess that was just the
tip of the iceberg.
----------------------------------------------------------------------
Jon Lewis *jlewis at lewis.org*| I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list