North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: On-going Internet Emergency and Domain Names

  • From: Kradorex Xeron
  • Date: Sun Apr 01 12:17:18 2007

On Sunday 01 April 2007 00:35, Adrian Chadd wrote:
> On Sat, Mar 31, 2007, Gadi Evron wrote:
> > On Sun, 1 Apr 2007, Adrian Chadd wrote:
> > > Stop trying to fix things in the core - it won't work, honest - and
> > > start trying to fix things closer to the edge where the actual problem
> > > is.
> >
> > Thing is, the problem IS in the core. DNS is no longer just being abused,
> > it is pretty much an abuse infrastructure. That needs to be fixed if
> > security operations on the Internet at their current effectiveness
> > (which is low as it is) are to be maintained past Q4 2007-Q2 2008.
>
> And as I said tongue in cheek before - so is IP. Where do you draw the
> line?

Agreed, Really, with this block this, block that, block the other additude so 
many people have nowadays, soon enough, unless we make the effort to stop the 
problems 

>
> > > I view this kind of thing as an operational issue insomuch as it might
> > > affect my network - but malware writers are botnet operators are
> > > smarter than they once were and aren't nearly as "spray your mark
> > > everywhere as quickly as possible" as exploits used to be.
> >
> > As to malware:
> > Protect against malware on your network, this isn't what this is
> > about. It's about your network's security being reliant on someone half
> > way across the world taking care of it.
>
> For the few I'm currently responsible for; you can be absolutely certain
> my network security is reliant on me, not someone else.
>

I applaud you for your efforts, as well as to anyone else's on this list who 
makes efforts.

> I'm trying to push out the "You've got to be responsible for what you send
> just as much as what you receive" out to clients who only seem to take
> notice after their first spam blacklisting, or sneaky malware infection.
>

Indeed, end users see their computer infected with something and they act 
innocent whenever something goes wrong with it, Users often times REFUSE to 
take responsibility if their computer becomes a problem. Users simply don't 
see the importance of keeping their computer secured. 

> Have you tried pursuing the root cause of all of this horribleness -
> badly written software?
>

Good point, Software companies that create badly written code then put it out 
on the market should be more-so held accountable, Until these companies are 
held FULLY responsible for exploits and such, you're going to keep seeing 
things like "Months of bugs", it's because software companies keep rushing 
software out to the market to sell it, 

they're not concerned about security if you can make a month of bugs from one 
of their products, they're more concerned about the income and don't do 
enough security testing and QA before the software leaves their shop, and 
end-users will more than likely not ask about security of the software, 
because all they want to do is chat with their aunt bella somewhere.


It's badly written software that is one of the main vectors of botners and 
such, we shouldn't be going after DNS
>
>
>
> Adrian