[dns-operations] All Too Quiet?

Ondřej Surý ondrej.sury at nic.cz
Mon Jul 28 21:46:19 UTC 2008

> Has anyone observed any real DNS scans other than those of known test
> programs or researchers? I am not aware of any scans of significance.
> So, this is why I ask: Why is it so quiet?
> One one hand, since so many major ISPs have yet to patch, I am SO VERY
> GLAD (!!!) that no one has tried to exploit this vulnerability -- yet.
> On the other hand, does this lack of attacks once again give management
> the excuse to categorize "I.T. Security" as "Chicken Little"?

Umm, does it really needs to be scanned at "large". The only thing bad guys
need to do is to wait at some autoritative nameserver, set low TTL on RR
record and wait. Somebody will ask for that p0rn domain sooner or later.

Ondřej Surý
technický ředitel/Chief Technical Officer
CZ.NIC, z.s.p.o. -- .cz domain registry
Americká 23,120 00 Praha 2,Czech Republic
mailto:ondrej.sury at nic.cz http://nic.cz/
sip:ondrej.sury at nic.cz <sip%3Aondrej.sury at nic.cz> tel:+420.222745110
mob:+420.739013699 fax:+420.222745112
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080728/07d6b1e2/attachment.html>

More information about the dns-operations mailing list