What DNS Is Not
andrew at accessplus.com.au
Mon Nov 9 17:53:52 CST 2009
David Ulevitch wrote:
> On 11/9/09 6:06 PM, Alex Balashov wrote:
>> Anything else is COMPLETELY UNACCEPTABLE. I don't understand how or why
>> this could possibly be controversial.
> Because some people want the ability and choice to block DNS responses
> they don't like; just as they have the ability and choice to reject
> email they don't want to accept.
> When the conficker worms phones home to one of the 50,000 potential
> domains names it computes each day, there are a lot of IT folks out
> there that wish their local resolver would simply reject those DNS
> requests so that infected machines in their network fail to phone home.
Dealing with 10k~ uni students who like to spread new viruses faster
than STD's I often make light of the fact that we can use OpenDNS to a)
keep tabs on who's infected at what sites and b) prevent them from
possibly doing more damage by phoning home with info or to collect
> To use your language, I don't understand how or why this could
> possibly be controversial. -- Apparently it is.
It's as David says, there are a lot of us who would rather have the
choice than not have it.
If that's not acceptable to some then that's their decision however as a
part of our network this DNS 'tomfoolery' is something that both we and
the end user see benefits from so I don't see it going away anytime soon.
More information about the NANOG