North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: On-going Internet Emergency and Domain Names
On Sat, Mar 31, 2007, Suresh Ramasubramanian wrote: > > On 31 Mar 2007 06:09:30 +0000, Paul Vixie <[email protected]> wrote: > > > >are we really going to stop malware by blackholing its domain names? if > >so then i've got some phone calls to make. > > That does seem to be the single point of failure for these malwares, > and for various other things besides [phish domains hosted on botnets, > and registered on ccTLDs where bureaucracy comes in the way of quick > takedowns] .. just wait until they start living on in P2P trackerless type setups and not bothering with temporary domains - just use whatever resolves to the end-client. You'll wish it were as easy to track as "accessing these websites or servers." (That, and the IPv6 space doesn't seem to be a saving grace either - it'll be easy to identify potential hosts to infect by infecting someone participating in P2P and moving across to other machines as you see P2P application connections to/from them.) Scary stuff. Adrian
|