|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: On-going Internet Emergency and Domain Names
On Sunday 01 April 2007 01:42, you wrote: > Gadi Evron wrote: > > Thing is, the problem IS in the core. DNS is no longer just being abused, > > it is pretty much an abuse infrastructure. That needs to be fixed if > > security operations on the Internet at their current effectiveness > > (which is low as it is) are to be maintained past Q4 2007-Q2 2008. > > Imminent death of the Internet predicted. News at 11. > > This fearmongering is getting to the scale of democrazy exports. > > Pete I would also like to point out as to echo one of my other posts: If we get block happy, they (The people abusing the exploits) WILL simply move to another port, andother protocol, so unless we're willing to block every port, every protcool, to ensure that it cannot become a vector, I suggest we STOP and think tactically: Will blocking these protocols stop these people? Or will they just move to exploit another port and/or protocol? Sadly, if blocking ports and protocols becomes the only method to control things like this from occurring, I sadly will have to agree with Pete's post, as soon we're going to have all 65535 ports on all protocols (TCP, UDP, etc) blocked.
|