you're not interesting, was Re: another brick in the wall[ed garden]

Andre Gironda andre at operations.net
Thu May 14 19:25:53 CDT 2009


On Thu, May 14, 2009 at 4:58 PM, Mark Andrews <Mark_Andrews at isc.org> wrote:
>> If I were an ISP, and I knew that approximately 99.9% of customer
>> queries to random name servers was malware doing fake site phishing or
>> misconfigured PCs that will work OK and avoid a support call if they
>> answer the DNS query, with 0.1% being old weenies like us, I'd do what
>> Sprint's doing, too.
>
>        And what's the next protocol that is going to be stomped on?

I was going to say, "will the ISP also remove the DNS MITM the day
that 99.9% of malware moves its command-and-control to the HTTP or
other layer?". I figured why bother - but your point drives it home
even further.

dre




More information about the NANOG mailing list