[dns-operations] DNS deluge for x.p.ctrc.cc

[Joe Greco]

> On Feb 27, 2006, at 1:55 PM, Andrew Sullivan wrote:
> > Note that I'm not saying people should or should not do this: I
> > really just don't know what people -- particularly root or TLD
> > operators -- should do.  But it does seem to me that this sort of
> > shunning might well actually accomplish something in at least some of
> > these cases (which is what makes it attractive, I expect).
> 
> given what rodney and rob just posted regarding the generally  
> positive response they've received (and the fact that $$$ is a  
> motivating factor to fix), i'm starting to think that shunning might  
> well be effective (outweighing the possibly negative effects).
> 
> > I also wonder about the potential for unintended effects in such an
> > arms race.  Perhaps the attackers will go after something more subtle
> > and therefore harder to work around, if shunning is effective.
> 
> possibly, but surely we shouldn't "do nothing" (not that you're  
> saying "do nothing", but people may infer that from what you just  
> said :) )
> 
> but again (from one of paul's early posts), who would sign up for a  
> bgp or http feed to shun these servers?  i'm afraid if at least a few  
> sufficiently large providers (or root-ops, or tlds), it won't be  
> effective anyway.

If shunning would be effective, wouldn't it make more sense to shun
networks that don't implement BCP38?  We could fix a wide *range* of
future attack vectors, rather than just this relatively small single
vector that doesn't even address all of the ways to abuse DNS for this
sort of thing.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.