North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: On-going Internet Emergency and Domain Names

  • From: Jeff Shultz
  • Date: Fri Mar 30 22:40:26 2007

So, is there a list of domains that we could null-route if we could convince our DNS managers to set us up as the SOA for those domains on our local DNS servers - thus protecting our own customers somewhat?

I won't discount the assertion that there is some sort of emergency occurring. I would however, like to see a bit of a reference to where we can learn more about what is going on (I assume this is the javascript exploit I heard about a couple days ago).

Thanks.

Fergie wrote: 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- Gadi Evron <[email protected]> wrote:

There is a current on-going Internet emergency: a critical 0day
vulnerability currently exploited in the wild threatens numerous desktop
systems which are being compromised and turned into bots, and the domain
names hosting it are a significant part of the reason why this attack has
not yet been mitigated.

This incident is currenly being handled by several operational groups.



...and before people starting bashing Gadi for being off-topic, etc.,
I'll side with him on the fact that this particular issue appears to
be quite serious.

Please check the facts regarding this issue before firing up your
flame-throwers -- this weekend could prove to be a quite horrible
one.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)

wj8DBQFGDcayq1pz9mNUZTMRAj48AKCVdw3bZ63ryIAI6f/NSbABZR10VACg3iZf
thCHKv5hpQ6Dqrq+iY4j1J8=
=MoWp
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


--
Jeff Shultz