On-going Internet Emergency and Domain Names

Steven M. Bellovin smb at cs.columbia.edu
Sat Mar 31 02:48:51 UTC 2007

On Fri, 30 Mar 2007 19:44:23 -0700
Jeff Shultz <jeffshultz at wvi.com> wrote:

> So, is there a list of domains that we could null-route if we could
> convince our DNS managers to set us up as the SOA for those domains
> on our local DNS servers - thus protecting our own customers somewhat?
> I won't discount the assertion that there is some sort of emergency
> occurring. I would however, like to see a bit of a reference to where
> we can learn more about what is going on (I assume this is the
> javascript exploit I heard about a couple days ago).

No -- it's a 0day in Internet Explorer involving animated cursors --
and it can be spread by visiting an infected web site or even by email.


or see lots of news stories about it at

		--Steve Bellovin, http://www.cs.columbia.edu/~smb

More information about the NANOG mailing list