North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: On-going Internet Emergency and Domain Names

  • From: Adrian Chadd
  • Date: Sat Mar 31 04:51:45 2007

On Sat, Mar 31, 2007, Suresh Ramasubramanian wrote:
> On 31 Mar 2007 06:09:30 +0000, Paul Vixie <[email protected]> wrote:
> >
> >are we really going to stop malware by blackholing its domain names?  if
> >so then i've got some phone calls to make.
> That does seem to be the single point of failure for these malwares,
> and for various other things besides [phish domains hosted on botnets,
> and registered on ccTLDs where bureaucracy comes in the way of quick
> takedowns]

.. just wait until they start living on in P2P trackerless type setups
and not bothering with temporary domains - just use whatever resolves to the
end-client. You'll wish it were as easy to track as "accessing these websites
or servers." (That, and the IPv6 space doesn't seem to be a saving grace either -
it'll be easy to identify potential hosts to infect by infecting someone
participating in P2P and moving across to other machines as you see
P2P application connections to/from them.)

Scary stuff.