Interesting new dns failures

Suresh Ramasubramanian ops.lists at
Tue May 22 11:05:01 UTC 2007

On 5/21/07, Chris L. Morrow <christopher.morrow at> wrote:

> So, I think that what we (security folks) want is probably not to
> auto-squish domains in the TLD because of NS's moving about at some rate
> other than 'normal' but to be able to ask for a quick takedown of said
> domain, yes? I don't think we'll be able to reduce false positive rates
> low enough to be acceptable with an 'auto-squish' method :(

Well, you can autosquish IF there's enough correlation to malware
traffic and botnet hosting, like the NS set the OP posted for example.

Suresh Ramasubramanian (ops.lists at

More information about the NANOG mailing list