On-going Internet Emergency and Domain Names

• Previous message (by thread): On-going Internet Emergency and Domain Names
• Next message (by thread): On-going Internet Emergency and Domain Names
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 31 Mar 2007, Gadi Evron wrote:

> In this case, we speak of a problem with DNS, not sendmail, and not bind.

The argument can be made that you're trying to solve a windows-problem by 
implementing blocking in DNS.

Next step would be to ask all access providers to block outgoing UDP/53 so 
people can't use open resolvers or machines set up to act as resolvers for 
certain DNS information that the botnets need, as per the same analysis 
that blocking TCP/25 stops spam.

So what you're trying to do is a pure stop-gap measure that won't scale in 
the long run. Fix the real problem instead of trying to bandaid the 
symptoms.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se

• Previous message (by thread): On-going Internet Emergency and Domain Names
• Next message (by thread): On-going Internet Emergency and Domain Names
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]