Another DNS blacklist is taken down
Justin Shore
listuser at numbnuts.net
Wed Sep 24 18:07:37 UTC 2003
On Wed, 24 Sep 2003 andrew2 at one.net wrote:
> Perhaps, but it also seems like moving an RBL onto a P2P network would
> making poisoning the RBL far too easy...
That's what I was getting ready to suggest. As it stands now we have at
least somewhat of an assurance that the zone we're working with isn't
tainted. I only use DNSBLs that offer zone transfers. I only get an AXFR
from authorized NSs for that DNSBL. Assuming that NS hasn't been
compromised I feel fairly safe in assuming that the data I'm getting is
valid. It might not be but I feel that it is. If a P2P system was
devised for distributing RBL zones then some for of validation for the
distributed zones will have to be created. That would most likely involve
a central server. Now you have a server to DDoS again. *sigh* We should
just educate spammers with clue-by-fours and make the world a better
place.
Justin
More information about the NANOG
mailing list