On-going Internet Emergency and Domain Names

Gadi Evron ge at linuxbox.org
Mon Apr 2 02:32:59 UTC 2007


On 1 Apr 2007, Paul Vixie wrote:
> 
> ge at linuxbox.org (Gadi Evron) writes:
> 
> > On Sun, 1 Apr 2007, Adrian Chadd wrote:
> >
> > > Stop trying to fix things in the core - it won't work, honest - and start
> > > trying to fix things closer to the edge where the actual problem is.
> > 
> > Thing is, the problem IS in the core.
> 
> nope.  read what he wrote-- "it won't work, honest".  the problem is on the
> front-end, an "edge", specifically in the way domain tasting works.  does
> anyone really believe that there will ever again be a million domains added
> to the DNS in a 24-hour period?  (of course not.)  then why do verisign and
> the other TLD registries have to cope with many millions of updates per day?
> if we solve THAT problem, which is difficult and barely tractible, then the
> "dns core" will go on as before, working just fine all the while.
> 
> > DNS is no longer just being abused, it is pretty much an abuse
> > infrastructure.
> 
> do you mean DNS or do you mean every Internet technology including IP, UDP,
> TCP, ICMP, BGP, etc; plus most non-Internet-specific technologies including
> ASCII, Unicode, 32-bit, 64-bit, and binary?
> 
> "the internet, and technology in general, is no longer just being abused,
> it is pretty much an abuse infrastructure."  <--- i'd agree with *that*.
> (but this is not the first time I've been irritated that I can't choose which
> other humans to share the galaxy with and which ones I'd like to kick out.)

I stand corrected, the Internet is obviously the problem and botnets are
the very seriosu symptom, but consider:

This is not a DNS server being abused, it is the infrastructure. The
"network", centralized and de-centralized.

So yes, DNS has become an infrastructure for abuse even if the Internet
itself is not very safe.

	Gadi.

> -- 
> Paul Vixie
> 




More information about the NANOG mailing list