Hey, SiteFinder is back, again...
D'Arcy J.M. Cain
darcy at druid.net
Mon Nov 5 19:54:17 UTC 2007
On Mon, 5 Nov 2007 17:16:11 +0100
Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> On Mon, Nov 05, 2007 at 10:54:05AM -0500,
> Andrew Sullivan <andrew at ca.afilias.info> wrote
> a message of 29 lines which said:
> > One could argue that it is less evil to do this at recursive
> > servers, because people could choose not to use that service by
> > installing their own full resolvers or whatever.
> It depends.
> There are three possible ways for an access provider to do it, in
> order of ascending nastiness:
Perhaps it is time for resolver libraries to have the ability to equate
certain IP addresses with NXDOMAIN. At least that way we can recognize
that it is happening and fix our own servers on am individual basis.
Sort of a DNS blacklist.
D'Arcy J.M. Cain <darcy at druid.net> | Democracy is three wolves
http://www.druid.net/darcy/ | and a sheep voting on
+1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
More information about the NANOG