[dns-operations] All Too Quiet?

Mohsen Souissi mohsen.souissi at nic.fr
Tue Jul 29 20:37:47 UTC 2008


 On 29 Jul, Antoin Verschuren wrote:
 | On Mon, 28 Jul 2008, Patrick W. Gilmore wrote:
 | 
 | >Why haven't they used it yet?  Well, I am not sure they have not.  
 | >Assuming they have not used it yet, well, I can't tell you why.
 | 
 | Bad guys are bad, not stupid.
 | With all the kabal, they know every serious DNS operator is aware and 
 | watching traffic, hoping to catch one of the bad guys.
 | The bad guys are not completely ignorant, and won'try to rob a bank when 
 | there's a police drill going on.

==> Definitely.

They also read public articles/blogs/stats as we do and so far, they
certainly have a good idea on who patched and who didn't. That way,
they would further know their victim and get close to them so that the
attack would be of the "greatest success"!.

For the managers, it is always much more confortable to answer the
question:

"why did you believe it was a real threat without getting the
proof and without any real known attack?" 

than the question:

"why didn't you do your part of the job when you got alerted by your
security guys?". 

I don't think they have to complain that nobody has been hurt (so far?)...



More information about the dns-operations mailing list