|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: VeriSign's rapid DNS updates in .com/.net
On Thu, 22 Jul 2004 15:27:37 -1000 Randy Bush <[email protected]> wrote: | all they need to do is register foo.bar with delegation to their | dns servers, and change a third level domain name at will. Er, no. They have of course tried that already! By registering foo.bar with delegation to THEIR dns servers gives full identification of THEIR dns servers, and the host or upstream of those servers can (and often does) start invoking their acceptable use policy. If not, then all the considerations that Paul V. recently cited about neighbours who allow bad things on their network, start to kick in. The scenario I have outlined - now well established, and the mechanism understood - allows the malfeasants to operate on the 'net with zero traceability of their identity or location, based on everything they do being able to be done through zombied Windows PCs or open(ed) proxies. -- Richard Cox
|