Federal Government Interest in your patch progress

Sean Donelan sean at donelan.com
Fri Jul 25 17:32:07 UTC 2008

On Fri, 25 Jul 2008, Jared Mauch wrote:
> 	They wanted someone to apporach those NANOG guys to see if they'll get
> off their butts and upgrade.  Personally, I share some of their frustration
> in getting the reasonable people to upgrade their software, knowing that
> the unreasonable folks won't.  The question is how can we as an interdependent
> industry close the gaps of the "Bubba" SPs and their software upgrade
> policies?
> 	That being said, is there anyone keeping metrics of what upgrades have been
> done so far?

Unfortunately, several of the public "testing" sites have been generating
false-positives.  The ISPs have updated their DNS servers, some several 
weeks ago, but the testing site gets confused.  Several DNS "security 
experts" (i.e. anyone with a blog) have also been confused about which 
ISPs manage which DNS servers versus other DNS servers on a network.
Lots of phone calls to the wrong service providers complaining about
the wrong things.

Some folks who handle lookups for lots of domains have some data, but
without knowing which DNS servers are "official" ISP recursive servers and 
which DNS servers are just random recursive resolvers owned by end-users, 
breaking down the data by ISP is a bit of a challange.

If you just want data about overall DNS upgrade activity, not broken down
by "official" or "unofficial" servers, that could be easier to collect.

More information about the NANOG mailing list