[dns-operations] All Too Quiet?

Erik Harrison eharrison at gmail.com
Wed Jul 30 01:20:52 UTC 2008


im hedging bets on: there hasnt been much recently that anyone's detected
because there will be an elegance to the proper exploit of this
vulnerability. i expect big things from this attack. so do all of the
vendors that released the patch in unison.

On Tue, Jul 29, 2008 at 4:21 PM, Douglas K. Fischer <fischerdk at fidoki.com>wrote:

>  I think it more likely that most bad guys will stay in the shadows until
> most people have stopped paying attention (which will probably be a few
> weeks after Black Hat). There will still be a significant number of sites
> that will not have patched, so there will be plenty of exploitable servers,
> but none of the extra vigilance there is now.
>
> FWIW,
>
> Doug
>
> Tycho Eggen wrote:
>
>  On Mon, 28 Jul 2008, Patrick W. Gilmore wrote:
>
>
>
>  Why haven't they used it yet?  Well, I am not sure they have not.
> Assuming
> they have not used it yet, well, I can't tell you why.
>
>
>  Bad guys are bad, not stupid.
> With all the kabal, they know every serious DNS operator is aware and
> watching traffic, hoping to catch one of the bad guys.
> The bad guys are not completely ignorant, and won'try to rob a bank when
> there's a police drill going on.
>
>
>  On the other hand, what if they dress up like cops and just try to fit in?
> In the mean while they could be just probing security and scanning sites
> for who's vulnerable and who's not.
>
> Just a random thought.
>
>
>
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080729/810da6d0/attachment.html>


More information about the dns-operations mailing list