Interesting new dns failures

• Previous message (by thread): Interesting new dns failures
• Next message (by thread): Interesting new dns failures
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/21/07, Chris L. Morrow <christopher.morrow at verizonbusiness.com> wrote:

>
> So, I think that what we (security folks) want is probably not to
> auto-squish domains in the TLD because of NS's moving about at some rate
> other than 'normal' but to be able to ask for a quick takedown of said
> domain, yes? I don't think we'll be able to reduce false positive rates
> low enough to be acceptable with an 'auto-squish' method :(
>

Well, you can autosquish IF there's enough correlation to malware
traffic and botnet hosting, like the NS set the OP posted for example.

-- 
Suresh Ramasubramanian (ops.lists at gmail.com)

• Previous message (by thread): Interesting new dns failures
• Next message (by thread): Interesting new dns failures
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]