On-going Internet Emergency and Domain Names

Jeff Shultz jeffshultz at wvi.com
Sat Mar 31 02:44:23 UTC 2007

So, is there a list of domains that we could null-route if we could 
convince our DNS managers to set us up as the SOA for those domains on 
our local DNS servers - thus protecting our own customers somewhat?

I won't discount the assertion that there is some sort of emergency 
occurring. I would however, like to see a bit of a reference to where we 
can learn more about what is going on (I assume this is the javascript 
exploit I heard about a couple days ago).


Fergie wrote:
> Hash: SHA1
> - -- Gadi Evron <ge at linuxbox.org> wrote:
>> There is a current on-going Internet emergency: a critical 0day
>> vulnerability currently exploited in the wild threatens numerous desktop
>> systems which are being compromised and turned into bots, and the domain
>> names hosting it are a significant part of the reason why this attack has
>> not yet been mitigated.
>> This incident is currenly being handled by several operational groups.
> ...and before people starting bashing Gadi for being off-topic, etc.,
> I'll side with him on the fact that this particular issue appears to
> be quite serious.
> Please check the facts regarding this issue before firing up your
> flame-throwers -- this weekend could prove to be a quite horrible
> one.
> - - ferg
> Version: PGP Desktop 9.6.0 (Build 214)
> wj8DBQFGDcayq1pz9mNUZTMRAj48AKCVdw3bZ63ryIAI6f/NSbABZR10VACg3iZf
> thCHKv5hpQ6Dqrq+iY4j1J8=
> =MoWp
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg(at)netzero.net
>  ferg's tech blog: http://fergdawg.blogspot.com/

Jeff Shultz

More information about the NANOG mailing list