GoDaddy.com shuts down entire data center?

Simon Waters simonw at zynet.net
Mon Jan 16 10:43:01 UTC 2006


Doesn't this fall under bad things happen.

Hopefully it is very clear to all on NANOG that DNS changes can have 
unforeseeable consequences, because of the nature of the delegation in the 
DNS.

As such pulling DNS records (or zones) you don't fully understand the usage 
of, as a response to a security/spam problem, is generally a bad idea.

That said ultimately a decision has to be taken, relative benefits versus 
risks. 

I'm very grateful someone arranged that all records used by the "MINIT" trojan 
now point to an RFC1918 private address space*, having found infected boxes 
failing to download their payload as a result. However pulling DNS records 
probably doesn't belong in the hurly burly of front line support.

 Simon

*Anyone going to check how many DNS servers are still caching "asfasf.ath.cx", 
to tell how many boxes "nearly" downloaded the payload? In the style of the 
Sony DRM fiasco measurement.



More information about the NANOG mailing list