[dns-operations] ISC SIE, channel 3
paul at vix.com
Thu Feb 7 01:24:03 UTC 2008
> Could we (where "we" means the Good Guys) possibly use such information
> to find bots or other bad things? If such results are combined e.g. with
> RBLs, they could possibly create more accurate entries, e.g. by looking
> at who made a DNS request and SMTP request or whatever.
yes! and i think we can get other blackhole list providers to run sensors
also. (though several of you who are on this list have not yet volunteered,
rest assured, i know who you are.)
> The question is, whether someone could be trusted enough to get access
> to such data, and if they could really make useful results from this
> information. I'm thinking about Spamhaus, SpamAssassin, Amavisd and
> friends. Maybe some "new invention" can be done from this, like RBL back
> in the last millennium.
cymru, arbor, gatech, and similar folks already have access, more are welcome,
noting that if your proposed use is commercial, access costs money, and if
your proposed use involves exporting or packaging the raw data or violating
the privacy of any of the sensors, you can't do it at any price.
More information about the dns-operations