On-going Internet Emergency and Domain Names
Jeff Shultz
jeffshultz at wvi.com
Sat Mar 31 02:44:23 UTC 2007
So, is there a list of domains that we could null-route if we could
convince our DNS managers to set us up as the SOA for those domains on
our local DNS servers - thus protecting our own customers somewhat?
I won't discount the assertion that there is some sort of emergency
occurring. I would however, like to see a bit of a reference to where we
can learn more about what is going on (I assume this is the javascript
exploit I heard about a couple days ago).
Thanks.
Fergie wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -- Gadi Evron <ge at linuxbox.org> wrote:
>
>> There is a current on-going Internet emergency: a critical 0day
>> vulnerability currently exploited in the wild threatens numerous desktop
>> systems which are being compromised and turned into bots, and the domain
>> names hosting it are a significant part of the reason why this attack has
>> not yet been mitigated.
>>
>> This incident is currenly being handled by several operational groups.
>>
>
>
> ...and before people starting bashing Gadi for being off-topic, etc.,
> I'll side with him on the fact that this particular issue appears to
> be quite serious.
>
> Please check the facts regarding this issue before firing up your
> flame-throwers -- this weekend could prove to be a quite horrible
> one.
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.0 (Build 214)
>
> wj8DBQFGDcayq1pz9mNUZTMRAj48AKCVdw3bZ63ryIAI6f/NSbABZR10VACg3iZf
> thCHKv5hpQ6Dqrq+iY4j1J8=
> =MoWp
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
--
Jeff Shultz
More information about the NANOG
mailing list